use of com.bluenimble.platform.api.ApiManagementException in project serverless by bluenimble.
the class ScriptableApiServiceSpi method onStop.
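/**
 * Runs the scripted {@code onStop} hook of a service, if its script object defines one.
 *
 * <p>The API helper must hold the scripted API object; if it does not, the API is reported as
 * not supporting scripting. A service with no helper, no scripted SPI object, or no
 * {@code onStop} function is skipped silently.
 *
 * @param api     the API that owns the service; its helper is expected to be a {@code SpecAndSpiPair}
 * @param service the service being stopped
 * @param context the context passed to the scripting engine and to the script
 * @throws ApiManagementException if the API helper or its scripted API object is missing
 */
@Override
public void onStop(Api api, ApiService service, ApiContext context) throws ApiManagementException {
    SpecAndSpiPair apiHelper = (SpecAndSpiPair) api.getHelper();
    if (apiHelper == null) {
        throw new ApiManagementException("api '" + api.getNamespace() + "' doesn't support scripting");
    }
    Object jsApi = apiHelper.spec();
    if (jsApi == null) {
        throw new ApiManagementException("api '" + api.getNamespace() + "' doesn't support scripting");
    }
    SpecAndSpiPair serviceHelper = (SpecAndSpiPair) service.getHelper();
    // getHelper() is null-checked for the API above; apply the same care to the service so a
    // service without a helper is skipped instead of failing the stop with a NullPointerException.
    if (serviceHelper == null) {
        return;
    }
    Object spi = serviceHelper.spi();
    if (spi == null) {
        return;
    }
    ScriptingEngine engine = api.space().feature(ScriptingEngine.class, ApiSpace.Features.Default, context);
    if (!engine.has(spi, Functions.OnStop)) {
        return;
    }
    // invoke onStop
    try {
        engine.invoke(spi, Functions.OnStop, jsApi, serviceHelper.spec(), context);
    } catch (ScriptingEngineException ex) {
        // Best effort: a failing onStop script is traced and does not abort the stop.
        api.tracer().log(Level.Error, Lang.BLANK, ex);
    }
}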
use of com.bluenimble.platform.api.ApiManagementException in project serverless by bluenimble.
the class ScriptableApiSpi method onStart.
/**
 * Loads the API's script, builds the scripted SPI and API objects, stores them as the API
 * helper, and runs the script's {@code onStart} function when it defines one.
 *
 * <p>The script path is read from the API runtime spec and resolved through the API's own
 * resources manager; the resolved resource is then evaluated by the scripting engine, so
 * whatever that resource contains runs with the engine's privileges.
 *
 * @param api     the API being started
 * @param context the context passed to the scripting engine and to the script
 * @throws ApiManagementException if the function is not configured, cannot be found or
 *         evaluated, yields no object, or its {@code onStart} function fails
 */
@Override
public void onStart(Api api, ApiContext context) throws ApiManagementException {
    final String functionPath = Json.getString(api.getRuntime(), Api.Spec.Runtime.Function);
    if (Lang.isNullOrEmpty(functionPath)) {
        throw new ApiManagementException("function not defined in " + ApiUtils.RuntimeKey);
    }

    final String[] segments = Lang.split(functionPath, Lang.SLASH);
    final ApiResource resource;
    try {
        resource = api.getResourcesManager().get(segments);
    } catch (ApiResourcesManagerException ex) {
        throw new ApiManagementException(ex.getMessage(), ex);
    }
    if (resource == null) {
        throw new ApiManagementException("function '" + Lang.join(segments, Lang.SLASH) + "' not found");
    }

    final ScriptingEngine scripting = api.space().feature(ScriptingEngine.class, ApiSpace.Features.Default, context);

    // Evaluate the script; the value it yields is the SPI object.
    final Object spiObject;
    try {
        spiObject = scripting.eval(Supported.Javascript, api, resource, ScriptContext.Empty);
    } catch (Exception ex) {
        throw new ApiManagementException(ex.getMessage(), ex);
    }
    if (spiObject == null) {
        throw new ApiManagementException("function returned an undefined object");
    }

    // Build the script-side wrapper around the Java Api.
    final Object apiObject;
    try {
        apiObject = scripting.invoke(null, Api.class.getSimpleName(), api);
    } catch (Exception ex) {
        throw new ApiManagementException(ex.getMessage(), ex);
    }
    if (apiObject == null) {
        throw new ApiManagementException("can't create 'api spec' js object");
    }

    // The helper is stored before onStart runs, so it stays set even if the hook below fails.
    api.setHelper(new SpecAndSpiPair(apiObject, spiObject));

    if (scripting.has(spiObject, Functions.OnStart)) {
        try {
            scripting.invoke(spiObject, Functions.OnStart, apiObject, context);
        } catch (ScriptingEngineException ex) {
            // Attach the script path so the failure can be traced back to its source.
            ex.setScript(functionPath);
            throw new ApiManagementException(ex.getMessage(), ex);
        }
    }
}
use of com.bluenimble.platform.api.ApiManagementException in project serverless by bluenimble.
the class CookieConsumerResolver method authorize.
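/**
 * Resolves the consumer identity from an encrypted cookie token.
 *
 * <p>The token is hex-decoded and decrypted with the key and algorithm held in the secrets that
 * the scheme's auth configuration names. The plaintext is split on a space: the first part is the
 * consumer id and an optional second part is the expiry, compared against
 * {@code System.currentTimeMillis()}.
 *
 * <p>A token that cannot be decrypted or parsed is rejected with "invalid token" when the service
 * is secure; on a non-secure service the consumer is returned unchanged.
 *
 * <p>NOTE(review): successful decryption is the only validity check visible here. Confirm that
 * {@code Crypto.decrypt} authenticates the ciphertext (AEAD or a MAC); without that, a modified
 * ciphertext that still decrypts would be accepted.
 *
 * @param api      the API whose security spec and space secrets are used
 * @param service  the service being called; its security spec decides whether failures are fatal
 * @param request  the current request (not read by this method)
 * @param consumer the consumer carrying the raw token; updated in place on success
 * @return the same consumer, populated with id, expiry, permissions and the anonymous flag
 * @throws ApiAuthenticationException if secrets cannot be loaded, or the token is invalid or
 *         expired on a secure service
 */
@Override
public ApiConsumer authorize(Api api, ApiService service, ApiRequest request, ApiConsumer consumer) throws ApiAuthenticationException {
    JsonObject auth = Json.getObject(Json.getObject(Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes), MethodName), Api.Spec.Security.Auth);
    if (auth == null || auth.isEmpty()) {
        return consumer;
    }
    String token = (String) consumer.get(ApiConsumer.Fields.Token);
    // decrypt token
    String decrypted = null;
    JsonObject secrets;
    try {
        secrets = api.space().getSecrets(Json.getString(auth, Spec.Auth.Secrets));
    } catch (ApiManagementException e) {
        throw new ApiAuthenticationException(e.getMessage(), e);
    }
    if (secrets != null && secrets.containsKey(ApiSpace.Spec.secrets.Key)) {
        String key = Json.getString(secrets, ApiSpace.Spec.secrets.Key);
        Crypto.Algorithm alg = Crypto.Algorithm.AES;
        try {
            alg = Crypto.Algorithm.valueOf(Json.getString(secrets, ApiSpace.Spec.secrets.Algorithm, Crypto.Algorithm.AES.name()).toUpperCase());
        } catch (Exception ex) {
            // An unknown algorithm name is traced and the AES default above is kept.
            api.tracer().log(Tracer.Level.Error, Lang.BLANK, ex);
        }
        try {
            decrypted = new String(Crypto.decrypt(Lang.decodeHex(token.toCharArray()), key, alg));
        } catch (Exception ex) {
            // Any failure (missing token, bad hex, decryption error) leaves decrypted null,
            // which is handled as an invalid token below.
            api.tracer().log(Tracer.Level.Error, Lang.BLANK, ex);
        }
    }
    boolean isServiceSecure = Json.getBoolean(service.getSecurity(), ApiService.Spec.Security.Enabled, true);
    if (decrypted == null) {
        if (isServiceSecure) {
            throw new ApiAuthenticationException("invalid token");
        }
        return consumer;
    }
    String[] idAndExpiry = Lang.split(decrypted, Lang.SPACE);
    // An empty plaintext carries no id; treat it like any other unusable token.
    if (idAndExpiry == null || idAndExpiry.length == 0) {
        if (isServiceSecure) {
            throw new ApiAuthenticationException("invalid token");
        }
        return consumer;
    }
    // NOTE(review): a token without an expiry part is accepted and never expires — confirm
    // this is intended for cookie tokens.
    if (idAndExpiry.length > 1) {
        long expiry;
        try {
            expiry = Long.parseLong(idAndExpiry[1]);
        } catch (NumberFormatException ex) {
            // A non-numeric expiry is an invalid token, not an internal error: report it as an
            // authentication failure instead of letting the runtime exception escape.
            api.tracer().log(Tracer.Level.Error, Lang.BLANK, ex);
            if (isServiceSecure) {
                throw new ApiAuthenticationException("invalid token");
            }
            return consumer;
        }
        if (expiry < System.currentTimeMillis() && isServiceSecure) {
            throw new ApiAuthenticationException("token expired");
        }
        // NOTE(review): on a non-secure service an expired token still reaches this point and the
        // consumer is marked non-anonymous with permissions below. Confirm that downstream code
        // checks ExpiryDate, or return the consumer unchanged here.
        consumer.set(ApiConsumer.Fields.ExpiryDate, Lang.toUTC(new Date(expiry)));
    }
    consumer.set(ApiConsumer.Fields.Id, idAndExpiry[0]);
    // secrets is non-null here: decrypted is only assigned inside the secrets != null branch.
    consumer.set(ApiConsumer.Fields.Permissions, secrets.get(ApiConsumer.Fields.Permissions));
    consumer.set(ApiConsumer.Fields.Anonymous, false);
    return consumer;
}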
use of com.bluenimble.platform.api.ApiManagementException in project serverless by bluenimble.
the class TokenConsumerResolver method authorize.
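/**
 * Resolves the consumer identity from an encrypted bearer-style token.
 *
 * <p>The token is hex-decoded and decrypted with the key and algorithm held in the secrets that
 * the scheme's auth configuration names. The plaintext has the form {@code <expiry> <info>}:
 * the expiry is compared against {@code System.currentTimeMillis()}, and the info is either the
 * consumer id or, when the API security spec lists fields to encrypt, a semicolon-separated
 * list of values assigned to those fields in order.
 *
 * <p>A token that cannot be decrypted or parsed is rejected with "invalid token" when the service
 * is secure; on a non-secure service the consumer is returned unchanged.
 *
 * <p>NOTE(review): successful decryption is the only validity check visible here. Confirm that
 * {@code Crypto.decrypt} authenticates the ciphertext (AEAD or a MAC); without that, a modified
 * ciphertext that still decrypts would be accepted.
 *
 * @param api      the API whose security spec and space secrets are used
 * @param service  the service being called; its security spec decides whether failures are fatal
 * @param request  the current request (not read by this method)
 * @param consumer the consumer carrying the raw token; updated in place on success
 * @return the same consumer, populated with expiry, identity fields, permissions and the
 *         anonymous flag
 * @throws ApiAuthenticationException if secrets cannot be loaded, or the token is invalid or
 *         expired on a secure service
 */
@Override
public ApiConsumer authorize(Api api, ApiService service, ApiRequest request, ApiConsumer consumer) throws ApiAuthenticationException {
    JsonObject auth = Json.getObject(Json.getObject(Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes), MethodName), Api.Spec.Security.Auth);
    if (auth == null || auth.isEmpty()) {
        return consumer;
    }
    String token = (String) consumer.get(ApiConsumer.Fields.Token);
    // decrypt token
    String decrypted = null;
    JsonObject secrets;
    try {
        secrets = api.space().getSecrets(Json.getString(auth, Spec.Auth.Secrets));
    } catch (ApiManagementException e) {
        throw new ApiAuthenticationException(e.getMessage(), e);
    }
    if (secrets != null && secrets.containsKey(ApiSpace.Spec.secrets.Key)) {
        String key = Json.getString(secrets, ApiSpace.Spec.secrets.Key);
        Crypto.Algorithm alg = Crypto.Algorithm.AES;
        try {
            alg = Crypto.Algorithm.valueOf(Json.getString(secrets, ApiSpace.Spec.secrets.Algorithm, Crypto.Algorithm.AES.name()).toUpperCase());
        } catch (Exception ex) {
            // An unknown algorithm name is traced and the AES default above is kept.
            api.tracer().log(Tracer.Level.Error, Lang.BLANK, ex);
        }
        try {
            decrypted = new String(Crypto.decrypt(Lang.decodeHex(token.toCharArray()), key, alg));
        } catch (Exception ex) {
            // Any failure (missing token, bad hex, decryption error) leaves decrypted null,
            // which is handled as an invalid token below.
            api.tracer().log(Tracer.Level.Error, Lang.BLANK, ex);
        }
    }
    boolean isServiceSecure = Json.getBoolean(service.getSecurity(), ApiService.Spec.Security.Enabled, true);
    if (decrypted == null) {
        if (isServiceSecure) {
            throw new ApiAuthenticationException("invalid token");
        }
        return consumer;
    }
    int indexOfSpace = decrypted.indexOf(Lang.SPACE);
    if (indexOfSpace < 0) {
        if (isServiceSecure) {
            throw new ApiAuthenticationException("invalid token");
        }
        return consumer;
    }
    long expiry;
    try {
        expiry = Long.parseLong(decrypted.substring(0, indexOfSpace));
    } catch (NumberFormatException ex) {
        // A non-numeric expiry is an invalid token, not an internal error: report it as an
        // authentication failure instead of letting the runtime exception escape.
        api.tracer().log(Tracer.Level.Error, Lang.BLANK, ex);
        if (isServiceSecure) {
            throw new ApiAuthenticationException("invalid token");
        }
        return consumer;
    }
    if (expiry < System.currentTimeMillis() && isServiceSecure) {
        throw new ApiAuthenticationException("token expired");
    }
    // NOTE(review): on a non-secure service an expired token still reaches this point and the
    // consumer is marked non-anonymous with permissions below. Confirm that downstream code
    // checks ExpiryDate, or return the consumer unchanged here.
    consumer.set(ApiConsumer.Fields.ExpiryDate, Lang.toUTC(new Date(expiry)));
    String sInfo = decrypted.substring(indexOfSpace + 1);
    JsonArray fields = Json.getArray(api.getSecurity(), Api.Spec.Security.Encrypt);
    if (fields == null || fields.isEmpty()) {
        consumer.set(ApiConsumer.Fields.Id, sInfo);
    } else {
        // Field names come from the API security spec; only the values come from the token.
        // Extra configured fields with no matching value are left unset.
        String[] values = Lang.split(sInfo, Lang.SEMICOLON);
        for (int i = 0; i < fields.count() && i < values.length; i++) {
            consumer.set((String) fields.get(i), values[i]);
        }
    }
    // Set after the field loop, so token-carried values cannot override permissions or the
    // anonymous flag. secrets is non-null here: decrypted is only assigned inside the
    // secrets != null branch.
    consumer.set(ApiConsumer.Fields.Permissions, secrets.get(ApiConsumer.Fields.Permissions));
    consumer.set(ApiConsumer.Fields.Anonymous, false);
    return consumer;
}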
use of com.bluenimble.platform.api.ApiManagementException in project serverless by bluenimble.
the class CreateSpaceSpi method execute.
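/**
 * Creates a new space from the space model, generates its default secrets key, and issues one
 * key pair with the ADMIN role for it.
 *
 * <p>The returned output is the new space's info description; when a key pair was created it is
 * included under {@code CommonOutput.Keys}, so the response carries key material and should be
 * handled as sensitive by callers.
 *
 * @param api      the API whose space creates the new space
 * @param consumer the calling consumer (not read by this method)
 * @param request  the request carrying the namespace of the space to create
 * @param response the response (not written by this method)
 * @return the description of the new space, with the admin key pair when one was created
 * @throws ApiServiceExecutionException if the space or its key pair cannot be created
 */
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    // NOTE(review): the namespace is used as received; no validation is visible here —
    // presumably the service spec or api.space().create enforces it, confirm.
    String namespace = (String) request.get(Spec.Space);
    JsonObject oSpace = (JsonObject) spaceModel.duplicate().set(ApiSpace.Spec.Namespace, namespace);
    // set default secrets
    JsonObject defaultSecrets = Json.getObject(Json.getObject(oSpace, ApiSpace.Spec.secrets.class.getSimpleName()), ApiSpace.Secrets.Default);
    if (defaultSecrets != null) {
        // NOTE(review): this value is stored as the space's default secrets key. Confirm that
        // Lang.UUID draws from a cryptographically secure source and that 16 characters give
        // the key strength the configured algorithm needs.
        defaultSecrets.set(ApiSpace.Spec.secrets.Key, Lang.UUID(16));
    }
    // create space
    ApiSpace newSpace = null;
    try {
        newSpace = api.space().create(oSpace);
    } catch (ApiManagementException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e);
    }
    // create root keys
    Map<String, Object> properties = new HashMap<>();
    properties.put(CommonSpec.Role, Role.ADMIN.name());
    List<KeyPair> keys = null;
    try {
        keys = newSpace.keystore().create(1, null, properties);
    } catch (Exception e) {
        throw new ApiServiceExecutionException(e.getMessage(), e);
    }
    JsonObject result = newSpace.describe(DescribeOption.Info);
    // An empty list would make get(0) throw; report the space without keys in that case.
    if (keys != null && !keys.isEmpty()) {
        result.set(CommonOutput.Keys, keys.get(0).toJson());
    }
    return new JsonApiOutput(result);
}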