
Example 1 with ApiConsumer

use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.

The class SignatureConsumerResolver, method resolve().

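/**
 * Extracts signature-style credentials from the {@code Authorization} header.
 *
 * <p>The header is expected to look like {@code <scheme> <accessKey>:<signature>}, where
 * {@code <scheme>} is the scheme name configured for this resolver in the api's security
 * schemes spec (or the default scheme). Only extraction happens here: the access key and the
 * signature are copied onto a new consumer of type {@code Signature}; the signature is
 * presumably verified later by {@code authorize}, not by this method.
 *
 * @param api     the api whose security spec names the expected scheme
 * @param service the resolved service (not consulted by this resolver)
 * @param request the incoming request carrying the {@code Authorization} header
 * @return a consumer holding {@code AccessKey} and {@code Signature}, or {@code null} when the
 *         request carries no (well-formed) credentials for this scheme
 * @throws ApiAuthenticationException declared by the resolver contract; this implementation does
 *         not raise it
 */
@Override
public ApiConsumer resolve(Api api, ApiService service, ApiRequest request) throws ApiAuthenticationException {
    JsonObject oResolver = Json.getObject(Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes), MethodName);
    String scheme = Json.getString(oResolver, Spec.Scheme, Defaults.Scheme);

    String auth = (String) request.get(ApiHeaders.Authorization, Scope.Header);
    if (Lang.isNullOrEmpty(auth)) {
        return null;
    }
    // "<scheme> <accessKey>:<signature>"; guard the split result the same way BasicConsumerResolver does
    String[] pair = Lang.split(auth, Lang.SPACE, true);
    if (pair == null || pair.length < 2) {
        return null;
    }
    // auth-scheme tokens are case-insensitive (RFC 7235 section 2.1); TokenConsumerResolver compares the same way
    if (!pair[0].equalsIgnoreCase(scheme)) {
        return null;
    }
    String accessKeyAndSignature = pair[1];
    if (Lang.isNullOrEmpty(accessKeyAndSignature)) {
        return null;
    }
    // split at the first colon only: the access key must be non-empty, everything after the colon is the signature
    int indexOfColon = accessKeyAndSignature.indexOf(Lang.COLON);
    if (indexOfColon <= 0) {
        return null;
    }
    String accessKey = accessKeyAndSignature.substring(0, indexOfColon);
    String signature = accessKeyAndSignature.substring(indexOfColon + 1);

    ApiConsumer consumer = new DefaultApiConsumer(ApiConsumer.Type.Signature);
    consumer.set(ApiConsumer.Fields.AccessKey, accessKey);
    consumer.set(ApiConsumer.Fields.Signature, signature);
    return consumer;
}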

Example 2 with ApiConsumer

use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.

The class BasicConsumerResolver, method resolve().

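/**
 * Extracts HTTP Basic credentials from the {@code Authorization} header.
 *
 * <p>The header is expected to look like {@code Basic <base64(user-id:password)>}. The decoded
 * pair is copied onto a new consumer of type {@code Basic} as {@code Id} and {@code Password};
 * nothing is verified here.
 *
 * @param api     the api being served (not consulted by this resolver)
 * @param service the resolved service (not consulted by this resolver)
 * @param request the incoming request carrying the {@code Authorization} header
 * @return a consumer holding {@code Id} and {@code Password}, or {@code null} when the request
 *         carries no (well-formed) Basic credentials
 * @throws ApiAuthenticationException declared by the resolver contract; this implementation does
 *         not raise it
 */
@Override
public ApiConsumer resolve(Api api, ApiService service, ApiRequest request) throws ApiAuthenticationException {
    String authHeader = (String) request.get(ApiHeaders.Authorization, Scope.Header);
    if (Lang.isNullOrEmpty(authHeader)) {
        return null;
    }
    String[] pair = Lang.split(authHeader, Lang.SPACE, true);
    if (pair == null || pair.length < 2) {
        return null;
    }
    // auth-scheme tokens are case-insensitive (RFC 7235 section 2.1)
    if (!pair[0].equalsIgnoreCase(BasicAuth)) {
        return null;
    }
    // decode with an explicit charset: the charset-less String constructor uses the platform
    // default, so the same credentials could decode differently from one host to another
    String credentials = new String(Base64.decodeBase64(pair[1]), java.nio.charset.StandardCharsets.UTF_8);
    // user-id and password are separated by the FIRST colon only; the password may itself contain
    // colons (RFC 7617 section 2), so splitting on every colon would truncate it
    int indexOfColon = credentials.indexOf(Lang.COLON);
    if (indexOfColon <= 0) {
        return null;
    }
    ApiConsumer consumer = new DefaultApiConsumer(ApiConsumer.Type.Basic);
    consumer.set(ApiConsumer.Fields.Id, credentials.substring(0, indexOfColon));
    consumer.set(ApiConsumer.Fields.Password, credentials.substring(indexOfColon + 1));
    return consumer;
}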

Example 3 with ApiConsumer

use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.

The class CookieConsumerResolver, method resolve().

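/**
 * Resolves a consumer from a session-style cookie carried in the {@code Cookie} header.
 *
 * <p>The candidate cookie names come from this resolver's entry in the api's security schemes
 * spec ({@code Spec.Names}), falling back to {@code Defaults.Cookies}. Names are tried in order;
 * the first one with a non-empty value becomes the consumer's {@code Token}. Nothing is verified
 * here.
 *
 * @param api     the api whose security spec lists the cookie names
 * @param service the resolved service (not consulted by this resolver)
 * @param request the incoming request carrying the {@code Cookie} header
 * @return a consumer of type {@code Cookie} holding the token, or {@code null} when no candidate
 *         cookie is present with a non-empty value
 * @throws ApiAuthenticationException declared by the resolver contract; this implementation does
 *         not raise it
 */
@Override
public ApiConsumer resolve(Api api, ApiService service, ApiRequest request) throws ApiAuthenticationException {
    JsonObject oResolver = Json.getObject(Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes), MethodName);
    String cookie = (String) request.get(ApiHeaders.Cookie, Scope.Header);
    if (Lang.isNullOrEmpty(cookie)) {
        return null;
    }
    JsonArray cookiesNames = Json.getArray(oResolver, Spec.Names);
    if (cookiesNames == null) {
        cookiesNames = Defaults.Cookies;
    }
    if (cookiesNames.isEmpty()) {
        return null;
    }
    // the header does not depend on the candidate name, so it is parsed once rather than per name
    String[] cookieEntries = cookie.split(Lang.SEMICOLON);
    String token = null;
    for (int i = 0; i < cookiesNames.count() && Lang.isNullOrEmpty(token); i++) {
        token = cookieValue(cookieEntries, String.valueOf(cookiesNames.get(i)));
    }
    if (Lang.isNullOrEmpty(token)) {
        return null;
    }
    ApiConsumer consumer = new DefaultApiConsumer(ApiConsumer.Type.Cookie);
    consumer.set(ApiConsumer.Fields.Token, token);
    return consumer;
}

/**
 * Returns the value of the named cookie among the already-split {@code Cookie} header entries.
 *
 * <p>When the same name occurs more than once the LAST entry wins (kept as before). User agents
 * order cookies by path specificity, so that order is not something to rely on; a token cookie
 * should be scoped so that a single value is sent.
 *
 * @param cookieEntries the {@code Cookie} header split on {@code ;}, entries not yet trimmed
 * @param cookieName    the cookie name to look for (matched as an exact {@code name=} prefix)
 * @return the raw value after {@code name=}, possibly empty, or {@code null} when absent
 */
private static String cookieValue(String[] cookieEntries, String cookieName) {
    String prefix = cookieName + Lang.EQUALS;
    String value = null;
    for (String cookieEntry : cookieEntries) {
        String entry = cookieEntry.trim();
        if (entry.startsWith(prefix)) {
            value = entry.substring(prefix.length());
        }
    }
    return value;
}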

Example 4 with ApiConsumer

use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.

The class TokenConsumerResolver, method resolve().

/**
 * Extracts a bearer-style token from the request.
 *
 * <p>The credential is read from the scope named by the service's {@code Placeholder} setting
 * (the header scope when unset) and must look like {@code <scheme> <token>}, the scheme being
 * the one configured for this resolver in the api's security schemes spec (or the default),
 * compared case-insensitively. Nothing is verified here.
 *
 * @param api     the api whose security spec names the expected scheme
 * @param service the resolved service, consulted for the credential placeholder
 * @param request the incoming request
 * @return a consumer of type {@code Token} holding the token, or {@code null} when the request
 *         carries no (well-formed) credential for this scheme
 * @throws ApiAuthenticationException declared by the resolver contract; this implementation does
 *         not raise it
 */
@Override
public ApiConsumer resolve(Api api, ApiService service, ApiRequest request) throws ApiAuthenticationException {
    JsonObject oResolver = Json.getObject(Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes), MethodName);
    String expectedScheme = Json.getString(oResolver, Spec.Scheme, Defaults.Scheme);

    // Scope.valueOf raises IllegalArgumentException when the spec names an unknown scope;
    // that comes from the service spec, not from the request
    String placeholder = Json.getString(service.getSecurity(), ApiService.Spec.Security.Placeholder, Scope.Header.name());
    String authHeader = (String) request.get(ApiHeaders.Authorization, Scope.valueOf(placeholder));
    if (Lang.isNullOrEmpty(authHeader)) {
        return null;
    }

    // "<scheme> <token>"
    String[] parts = Lang.split(authHeader, Lang.SPACE, true);
    if (parts.length < 2) {
        return null;
    }
    if (!parts[0].equalsIgnoreCase(expectedScheme)) {
        return null;
    }

    ApiConsumer consumer = new DefaultApiConsumer(ApiConsumer.Type.Token);
    consumer.set(ApiConsumer.Fields.Token, parts[1]);
    return consumer;
}

Example 5 with ApiConsumer

use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.

The class DefaultApiInterceptor, method intercept().

/**
 * Drives one request through the api pipeline: tracking, service lookup, consumer resolution and
 * authorization, validation, execution (or mock output) and media processing.
 *
 * <p>Failures are reported in one of two ways depending on the response type: a
 * {@code ContainerApiResponse} receives the exception via {@code setException}, any other response
 * gets an error status written to it. In every case the request tracker is finished with an error
 * code and the request is destroyed in {@code finally}.
 *
 * @param api      the api that owns the request
 * @param request  the incoming request; destroyed before this method returns
 * @param response the response to populate
 */
@Override
public void intercept(Api api, ApiRequest request, ApiResponse response) {
    logDebug(api, "<" + request.getId() + "> Process Request \n" + request.toString());
    ServerRequestTrack track = server.getRequestTracker(Json.getString(api.getTracking(), Api.Spec.Tracking.Tracker)).create(api, request);
    request.track(track);
    // node identity headers are set before any processing, so they are present on error responses too
    response.set(ApiHeaders.NodeID, Json.getString(request.getNode(), ApiRequest.Fields.Node.Id));
    response.set(ApiHeaders.NodeType, Json.getString(request.getNode(), ApiRequest.Fields.Node.Type));
    response.set(ApiHeaders.NodeVersion, Json.getString(request.getNode(), ApiRequest.Fields.Node.Version));
    // declared outside the try so the catch blocks can pass whatever was resolved so far to writeError
    ApiMediaProcessor mediaProcessor = null;
    ApiConsumer consumer = null;
    ApiService service = null;
    try {
        // api life cycle - onRequest
        api.getSpi().onRequest(api, request, response);
        // resolve service
        service = ((ApiImpl) api).lockup(request);
        ApiResponse.Status notFoundStatus = null;
        String notFoundMessage = null;
        if (service == null) {
            notFoundStatus = ApiResponse.NOT_FOUND;
            notFoundMessage = api.message(request.getLang(), Messages.ServiceNotFound, request.getVerb().name() + Lang.SPACE + request.getPath());
        } else if (service.status() != ApiStatus.Running) {
            notFoundStatus = ApiResponse.SERVICE_UNAVAILABLE;
            notFoundMessage = api.message(request.getLang(), Messages.ServiceNotAvailable, service.getName());
        }
        if (notFoundStatus != null) {
            if (response instanceof ContainerApiResponse) {
                ((ContainerApiResponse) response).setException(new ApiServiceExecutionException(notFoundMessage).status(notFoundStatus));
            } else {
                response.error(notFoundStatus, notFoundMessage);
                // mediaProcessor is still null here; writeError is expected to cope with that
                writeError(mediaProcessor, api, null, null, request, response);
            }
            track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, notFoundStatus.getCode()).set(ApiResponse.Error.Message, notFoundMessage));
            return;
        }
        ((AbstractApiRequest) request).setService(service);
        // Lookup media processor
        mediaProcessor = api.lockupMediaProcessor(request, service);
        track.update(service);
        logInfo(api, "<" + request.getId() + "> Using service " + service.getVerb() + Lang.SPACE + Json.getString(service.toJson(), ApiService.Spec.Endpoint) + Lang.SPACE + Lang.PARENTH_OPEN + service.getName() + Lang.PARENTH_CLOSE);
        // api life cycle - onService
        api.getSpi().onService(api, service, request, response);
        // NOTE(review): if lockupMediaProcessor can return null this line throws NPE, which lands in the
        // Throwable catch below as a 500 — confirm whether a null processor is possible
        logInfo(api, "<" + request.getId() + "> Interceptor will use media.processor [" + mediaProcessor.getClass().getSimpleName() + "]");
        // Consumer resolution: iterate the api-level security schemes, skipping those the service
        // does not list (a service without its own list accepts every api-level scheme).
        JsonObject apiSecMethods = Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes);
        if (apiSecMethods == null) {
            apiSecMethods = JsonObject.Blank;
        }
        JsonArray serviceSecMethods = Json.getArray(service.getSecurity(), ApiService.Spec.Security.Schemes);
        ApiConsumerResolver resolver = null;
        try {
            Iterator<String> rKeys = apiSecMethods.keys();
            if (rKeys != null) {
                while (rKeys.hasNext()) {
                    String resolverName = rKeys.next();
                    if (serviceSecMethods != null && !serviceSecMethods.contains(resolverName)) {
                        continue;
                    }
                    ApiConsumerResolver r = server.getConsumerResolver(resolverName);
                    if (r == null) {
                        continue;
                    }
                    // the first resolver that extracts credentials wins; later schemes are not tried
                    consumer = r.resolve(api, service, request);
                    if (consumer != null) {
                        resolver = r;
                        break;
                    }
                }
            }
            // No resolver extracted credentials: the request continues as an Unknown consumer and,
            // since resolver stays null, authorize() is never called for it.
            // NOTE(review): whether a secured service rejects an Unknown consumer is not decided here;
            // presumably findConsumer or the service validator enforces that — confirm.
            if (consumer == null) {
                consumer = new DefaultApiConsumer(ApiConsumer.Type.Unknown);
            }
            api.getSpi().findConsumer(api, service, request, consumer);
            if (resolver != null) {
                resolver.authorize(api, service, request, consumer);
            }
        } catch (ApiAuthenticationException e) {
            // the authentication failure message is echoed to the client as the error message
            if (response instanceof ContainerApiResponse) {
                ((ContainerApiResponse) response).setException(new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.UNAUTHORIZED));
            } else {
                response.error(ApiResponse.UNAUTHORIZED, e.getMessage());
                writeError(mediaProcessor, api, consumer, service, request, response);
            }
            track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, ApiResponse.UNAUTHORIZED.getCode()).set(ApiResponse.Error.Message, e.getMessage()));
            return;
        }
        // request validation against the service spec, after the consumer is known
        try {
            server.getServiceValidator().validate(api, Json.getObject(service.toJson(), ApiService.Spec.Spec), consumer, request);
        } catch (ApiServiceValidatorException e) {
            if (response instanceof ContainerApiResponse) {
                ((ContainerApiResponse) response).setException(new ApiServiceExecutionException(e.getMessage(), e));
            } else {
                writeValidationError(api, consumer, service, request, response, mediaProcessor, e);
            }
            // structured feedback is preferred over the plain message when the validator supplies it
            Object error = null;
            if (e.getFeedback() != null) {
                error = e.getFeedback();
            } else {
                error = e.getMessage();
            }
            track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, ApiResponse.UNPROCESSABLE_ENTITY.getCode()).set(ApiResponse.Error.Message, error));
            return;
        }
        ApiOutput output = null;
        // a service whose spec enables a mock returns the mock output without running the service spi
        JsonObject mock = Json.getObject(service.toJson(), ApiService.Spec.Mock);
        if (mock != null && Json.getBoolean(mock, ConfigKeys.Enabled, false)) {
            output = new JsonApiOutput(Json.getObject(mock, ApiService.Spec.Output));
            logInfo(api, "<" + request.getId() + "> Service using mock output");
        } else {
            // api life cycle - onExecute
            api.getSpi().onExecute(api, consumer, service, request, response);
            output = service.getSpi().execute(api, consumer, request, response);
            // api life cycle - afterExecute
            api.getSpi().afterExecute(api, consumer, service, request, response);
        }
        // container requests hand the output back on the request; others go through the media processor
        if (request instanceof ContainerApiRequest) {
            request.set(ApiRequest.Output, output);
        } else {
            response.set(ApiHeaders.ExecutionTime, (System.currentTimeMillis() - request.getTimestamp().getTime()));
            if (response.isCommitted()) {
                logInfo(api, "<" + request.getId() + "> Response already committed. No media processing required");
                long time = System.currentTimeMillis() - request.getTimestamp().getTime();
                track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, ApiResponse.OK.getCode()).set(ApiResponse.Error.Message, time));
                logInfo(api, " <" + request.getId() + "> ExecTime-Cancel: Service " + Json.getString(service.toJson(), ApiService.Spec.Endpoint) + " - Time " + time + " millis");
                return;
            }
            mediaProcessor.process(api, service, consumer, output, request, response);
        }
        // the tracked code is whatever status the response ended up with, OK when none was set
        int iStatus = ApiResponse.OK.getCode();
        ApiResponse.Status status = response.getStatus();
        if (status != null) {
            iStatus = status.getCode();
        }
        long time = System.currentTimeMillis() - request.getTimestamp().getTime();
        track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, iStatus).set(ApiResponse.Error.Message, time));
        logInfo(api, "<" + request.getId() + "> ExecTime-Success: Service " + Json.getString(service.toJson(), ApiService.Spec.Endpoint) + " - Time " + time + " millis");
    } catch (Throwable th) {
        // catches Errors as well as exceptions so that every failure is reported and tracked
        if (response instanceof ContainerApiResponse) {
            if (th instanceof ApiServiceExecutionException) {
                ((ContainerApiResponse) response).setException((ApiServiceExecutionException) th);
            } else {
                ((ContainerApiResponse) response).setException(new ApiServiceExecutionException(th.getMessage(), th));
            }
            // String [] msg = Lang.toMessage (th);
            track.finish((JsonObject) Lang.toError(th).set(ApiResponse.Error.Code, ApiResponse.INTERNAL_SERVER_ERROR.getCode()));
        } else {
            // an ApiServiceExecutionException may carry its own status; anything else is a 500
            ApiResponse.Status status = null;
            if (th instanceof ApiServiceExecutionException) {
                status = ((ApiServiceExecutionException) th).status();
            }
            if (status == null) {
                status = ApiResponse.INTERNAL_SERVER_ERROR;
            }
            // a validator exception wrapped by the service is reported as a validation error, not a 500
            boolean isValidationError = false;
            if (th instanceof ApiServiceExecutionException) {
                Throwable rootCause = ((ApiServiceExecutionException) th).getRootCause();
                if (rootCause instanceof ApiServiceValidatorException) {
                    ApiServiceValidatorException vex = (ApiServiceValidatorException) rootCause;
                    isValidationError = true;
                    writeValidationError(api, consumer, service, request, response, mediaProcessor, vex);
                    Object error = null;
                    if (vex.getFeedback() != null) {
                        error = vex.getFeedback();
                    } else {
                        error = vex.getMessage();
                    }
                    track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, ApiResponse.UNPROCESSABLE_ENTITY.getCode()).set(ApiResponse.Error.Message, error));
                }
            }
            if (!isValidationError) {
                JsonObject oError = Lang.toError(th);
                // logError (api, "<" + request.getId () + "> - Execute Service / Media Processing - caused an error\n" + oError.toString (), null);
                // NOTE(review): the Trace entry of the error object is passed to the client-facing response
                // together with the message; if it holds a stack trace (as the name suggests) it is exposed to
                // callers — consider limiting that to a debug/development setting.
                response.error(status, new Object[] { oError.get(ApiResponse.Error.Message), oError.get(ApiResponse.Error.Trace) });
                writeError(mediaProcessor, api, consumer, service, request, response);
                track.finish((JsonObject) oError.set(ApiResponse.Error.Code, status.getCode()));
            }
        }
    } finally {
        // the request is released on every path, including early returns and unexpected failures
        request.destroy();
    }
}
