use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.
the class SignatureConsumerResolver method resolve.
/**
 * Parses an {@code Authorization} header of the form
 * {@code <scheme> <accessKey>:<signature>} into a signature-type consumer.
 *
 * <p>This method only extracts the two values; nothing in it verifies the
 * signature. The scheme comparison is case-sensitive, and a header whose
 * colon is the last character yields an empty signature string.
 *
 * @param api     the api whose security spec supplies the expected scheme
 * @param service the target service (not read here)
 * @param request the request carrying the Authorization header
 * @return a consumer holding the access key and signature, or {@code null}
 *         when the header is absent or is not in the expected form
 * @throws ApiAuthenticationException declared by the resolver contract
 */
@Override
public ApiConsumer resolve(Api api, ApiService service, ApiRequest request) throws ApiAuthenticationException {
    // Resolve the configured scheme first, exactly as the header is only read afterwards.
    JsonObject schemes = Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes);
    JsonObject resolverSpec = Json.getObject(schemes, MethodName);
    String expectedScheme = Json.getString(resolverSpec, Spec.Scheme, Defaults.Scheme);

    String header = (String) request.get(ApiHeaders.Authorization, Scope.Header);
    if (Lang.isNullOrEmpty(header)) {
        return null;
    }

    String[] parts = Lang.split(header, Lang.SPACE, true);
    if (parts.length < 2 || !parts[0].equals(expectedScheme)) {
        return null;
    }

    String keyAndSignature = parts[1];
    if (Lang.isNullOrEmpty(keyAndSignature)) {
        return null;
    }

    // A colon at position 0 would mean an empty access key, so it is rejected too.
    int colonAt = keyAndSignature.indexOf(Lang.COLON);
    if (colonAt <= 0) {
        return null;
    }

    String key = keyAndSignature.substring(0, colonAt);
    String sig = keyAndSignature.substring(colonAt + 1);

    ApiConsumer consumer = new DefaultApiConsumer(ApiConsumer.Type.Signature);
    consumer.set(ApiConsumer.Fields.AccessKey, key);
    consumer.set(ApiConsumer.Fields.Signature, sig);
    return consumer;
}
use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.
the class BasicConsumerResolver method resolve.
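/**
 * Parses an HTTP Basic {@code Authorization} header into a basic-type consumer.
 *
 * <p>The decoded credentials are split at the FIRST colon only, so a password
 * that itself contains a colon is kept whole instead of being cut at its first
 * colon. The bytes are decoded as UTF-8 rather than with the platform default
 * charset, so the same header yields the same password on every host.
 *
 * <p>This method only extracts the id and password; nothing in it checks them.
 *
 * @param api     the api being called (not read here)
 * @param service the target service (not read here)
 * @param request the request carrying the Authorization header
 * @return a consumer holding the id and password, or {@code null} when the
 *         header is absent, uses another scheme, or has no usable id/password pair
 * @throws ApiAuthenticationException declared by the resolver contract
 */
@Override
public ApiConsumer resolve(Api api, ApiService service, ApiRequest request) throws ApiAuthenticationException {
    String authHeader = (String) request.get(ApiHeaders.Authorization, Scope.Header);
    if (Lang.isNullOrEmpty(authHeader)) {
        return null;
    }
    String[] pair = Lang.split(authHeader, Lang.SPACE, true);
    if (pair == null || pair.length < 2) {
        return null;
    }
    if (!pair[0].equals(BasicAuth)) {
        return null;
    }
    // Explicit charset: new String(byte[]) would use the platform default.
    String credentials = new String(Base64.decodeBase64(pair[1]), java.nio.charset.StandardCharsets.UTF_8);
    // Split at the first colon only; everything after it is the password.
    int colonAt = credentials.indexOf(Lang.COLON);
    if (colonAt <= 0 || colonAt == credentials.length() - 1) {
        // No separator, empty id, or empty password: not a usable pair.
        return null;
    }
    // NOTE(review): the previous Lang.split(credentials, Lang.COLON, true) call may have
    // trimmed each part; id and password are now passed on exactly as decoded. Confirm
    // that no caller relies on trimming.
    String id = credentials.substring(0, colonAt);
    String password = credentials.substring(colonAt + 1);
    ApiConsumer consumer = new DefaultApiConsumer(ApiConsumer.Type.Basic);
    consumer.set(ApiConsumer.Fields.Id, id);
    consumer.set(ApiConsumer.Fields.Password, password);
    return consumer;
}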
use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.
the class CookieConsumerResolver method resolve.
/**
 * Extracts a token from the {@code Cookie} header and wraps it in a
 * cookie-type consumer.
 *
 * <p>The configured cookie names (or {@code Defaults.Cookies} when none are
 * configured) are tried in order; the first name that yields a non-empty
 * value stops the search. Within one name, every matching cookie entry is
 * visited and the LAST match wins.
 *
 * @param api     the api whose security spec lists the cookie names
 * @param service the target service (not read here)
 * @param request the request carrying the Cookie header
 * @return a consumer holding the token, or {@code null} when there is no
 *         Cookie header, no cookie name to look for, or no non-empty value
 * @throws ApiAuthenticationException declared by the resolver contract
 */
@Override
public ApiConsumer resolve(Api api, ApiService service, ApiRequest request) throws ApiAuthenticationException {
    JsonObject resolverSpec = Json.getObject(Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes), MethodName);

    String cookieHeader = (String) request.get(ApiHeaders.Cookie, Scope.Header);
    if (Lang.isNullOrEmpty(cookieHeader)) {
        return null;
    }

    JsonArray names = Json.getArray(resolverSpec, Spec.Names);
    if (names == null) {
        names = Defaults.Cookies;
    }
    if (names.isEmpty()) {
        return null;
    }

    // The header does not change between names, so it is split once.
    String[] entries = cookieHeader.split(Lang.SEMICOLON);

    String token = null;
    for (int n = 0; n < names.count() && Lang.isNullOrEmpty(token); n++) {
        String prefix = String.valueOf(names.get(n)) + Lang.EQUALS;
        // NOTE(review): no break on a match, so a duplicated cookie name resolves to the
        // last entry in the header. Confirm that this is the intended precedence.
        for (String rawEntry : entries) {
            String entry = rawEntry.trim();
            if (entry.startsWith(prefix)) {
                token = entry.substring(prefix.length());
            }
        }
    }

    if (Lang.isNullOrEmpty(token)) {
        return null;
    }

    ApiConsumer consumer = new DefaultApiConsumer(ApiConsumer.Type.Cookie);
    consumer.set(ApiConsumer.Fields.Token, token);
    return consumer;
}
use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.
the class TokenConsumerResolver method resolve.
/**
 * Parses a {@code <scheme> <token>} authorization value into a token-type consumer.
 *
 * <p>The value is read under the Authorization name from the scope named by
 * the service's security placeholder (the header scope when none is set).
 * The scheme comparison is case-insensitive. This method only extracts the
 * token; nothing in it validates the token.
 *
 * @param api     the api whose security spec supplies the expected scheme
 * @param service the target service, whose security spec names the scope
 * @param request the request carrying the authorization value
 * @return a consumer holding the token, or {@code null} when the value is
 *         absent, has fewer than two parts, or uses another scheme
 * @throws ApiAuthenticationException declared by the resolver contract
 */
@Override
public ApiConsumer resolve(Api api, ApiService service, ApiRequest request) throws ApiAuthenticationException {
    JsonObject schemes = Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes);
    String expectedScheme = Json.getString(Json.getObject(schemes, MethodName), Spec.Scheme, Defaults.Scheme);

    // NOTE(review): Scope.valueOf presumably throws IllegalArgumentException for a
    // placeholder that names no Scope constant; confirm the spec is validated on load.
    String scopeName = Json.getString(service.getSecurity(), ApiService.Spec.Security.Placeholder, Scope.Header.name());
    String rawValue = (String) request.get(ApiHeaders.Authorization, Scope.valueOf(scopeName));
    if (Lang.isNullOrEmpty(rawValue)) {
        return null;
    }

    String[] parts = Lang.split(rawValue, Lang.SPACE, true);
    if (parts.length >= 2 && parts[0].equalsIgnoreCase(expectedScheme)) {
        ApiConsumer consumer = new DefaultApiConsumer(ApiConsumer.Type.Token);
        consumer.set(ApiConsumer.Fields.Token, parts[1]);
        return consumer;
    }
    return null;
}
use of com.bluenimble.platform.api.security.ApiConsumer in project serverless by bluenimble.
the class DefaultApiInterceptor method intercept.
/**
 * Runs one request through the api pipeline: tracking, service lookup,
 * consumer resolution and authorization, validation, execution (or mock
 * output) and media processing.
 *
 * <p>Every exit path finishes the request track with a status code, and the
 * request is destroyed in the {@code finally} block. Failures are reported
 * either by setting an exception on a {@code ContainerApiResponse} or by
 * writing an error response.
 *
 * @param api      the api that owns the request
 * @param request  the incoming request
 * @param response the response to populate
 */
@Override
public void intercept(Api api, ApiRequest request, ApiResponse response) {
// NOTE(review): the full request.toString() is written to the debug log. If that string
// includes headers, Authorization and Cookie values would land in the logs; confirm what it emits.
logDebug(api, "<" + request.getId() + "> Process Request \n" + request.toString());
ServerRequestTrack track = server.getRequestTracker(Json.getString(api.getTracking(), Api.Spec.Tracking.Tracker)).create(api, request);
request.track(track);
// Node id, type and version are echoed to the caller as response headers.
response.set(ApiHeaders.NodeID, Json.getString(request.getNode(), ApiRequest.Fields.Node.Id));
response.set(ApiHeaders.NodeType, Json.getString(request.getNode(), ApiRequest.Fields.Node.Type));
response.set(ApiHeaders.NodeVersion, Json.getString(request.getNode(), ApiRequest.Fields.Node.Version));
ApiMediaProcessor mediaProcessor = null;
ApiConsumer consumer = null;
ApiService service = null;
try {
// api life cycle - onRequest
api.getSpi().onRequest(api, request, response);
// resolve service
service = ((ApiImpl) api).lockup(request);
ApiResponse.Status notFoundStatus = null;
String notFoundMessage = null;
if (service == null) {
notFoundStatus = ApiResponse.NOT_FOUND;
notFoundMessage = api.message(request.getLang(), Messages.ServiceNotFound, request.getVerb().name() + Lang.SPACE + request.getPath());
} else if (service.status() != ApiStatus.Running) {
notFoundStatus = ApiResponse.SERVICE_UNAVAILABLE;
notFoundMessage = api.message(request.getLang(), Messages.ServiceNotAvailable, service.getName());
}
if (notFoundStatus != null) {
if (response instanceof ContainerApiResponse) {
((ContainerApiResponse) response).setException(new ApiServiceExecutionException(notFoundMessage).status(notFoundStatus));
} else {
response.error(notFoundStatus, notFoundMessage);
// mediaProcessor is still null here: it is only looked up after this check.
writeError(mediaProcessor, api, null, null, request, response);
}
track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, notFoundStatus.getCode()).set(ApiResponse.Error.Message, notFoundMessage));
return;
}
((AbstractApiRequest) request).setService(service);
// Lookup media processor
mediaProcessor = api.lockupMediaProcessor(request, service);
track.update(service);
logInfo(api, "<" + request.getId() + "> Using service " + service.getVerb() + Lang.SPACE + Json.getString(service.toJson(), ApiService.Spec.Endpoint) + Lang.SPACE + Lang.PARENTH_OPEN + service.getName() + Lang.PARENTH_CLOSE);
// api life cycle - onService
api.getSpi().onService(api, service, request, response);
logInfo(api, "<" + request.getId() + "> Interceptor will use media.processor [" + mediaProcessor.getClass().getSimpleName() + "]");
// Security schemes declared on the api; a missing section is treated as an empty one.
JsonObject apiSecMethods = Json.getObject(api.getSecurity(), Api.Spec.Security.Schemes);
if (apiSecMethods == null) {
apiSecMethods = JsonObject.Blank;
}
// Schemes the service restricts itself to; null means the service lists none.
JsonArray serviceSecMethods = Json.getArray(service.getSecurity(), ApiService.Spec.Security.Schemes);
ApiConsumerResolver resolver = null;
try {
Iterator<String> rKeys = apiSecMethods.keys();
if (rKeys != null) {
while (rKeys.hasNext()) {
String resolverName = rKeys.next();
// When the service lists no schemes, every api-level scheme is tried.
if (serviceSecMethods != null && !serviceSecMethods.contains(resolverName)) {
continue;
}
ApiConsumerResolver r = server.getConsumerResolver(resolverName);
if (r == null) {
continue;
}
// The first resolver that returns a non-null consumer wins.
consumer = r.resolve(api, service, request);
if (consumer != null) {
resolver = r;
break;
}
}
}
// No resolver recognised the request: it continues as an Unknown consumer and,
// because resolver stays null, resolver.authorize is never called for it.
// NOTE(review): rejecting such a request is left to findConsumer and the service
// validator below; confirm that services requiring authentication are covered there.
if (consumer == null) {
consumer = new DefaultApiConsumer(ApiConsumer.Type.Unknown);
}
api.getSpi().findConsumer(api, service, request, consumer);
if (resolver != null) {
resolver.authorize(api, service, request, consumer);
}
} catch (ApiAuthenticationException e) {
// Authentication failures end the request as UNAUTHORIZED; the exception message
// is sent to the client and recorded on the track.
if (response instanceof ContainerApiResponse) {
((ContainerApiResponse) response).setException(new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.UNAUTHORIZED));
} else {
response.error(ApiResponse.UNAUTHORIZED, e.getMessage());
writeError(mediaProcessor, api, consumer, service, request, response);
}
track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, ApiResponse.UNAUTHORIZED.getCode()).set(ApiResponse.Error.Message, e.getMessage()));
return;
}
// Validate the request against the service spec before anything is executed.
try {
server.getServiceValidator().validate(api, Json.getObject(service.toJson(), ApiService.Spec.Spec), consumer, request);
} catch (ApiServiceValidatorException e) {
if (response instanceof ContainerApiResponse) {
((ContainerApiResponse) response).setException(new ApiServiceExecutionException(e.getMessage(), e));
} else {
writeValidationError(api, consumer, service, request, response, mediaProcessor, e);
}
// Prefer the structured feedback over the plain message when it is available.
Object error = null;
if (e.getFeedback() != null) {
error = e.getFeedback();
} else {
error = e.getMessage();
}
track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, ApiResponse.UNPROCESSABLE_ENTITY.getCode()).set(ApiResponse.Error.Message, error));
return;
}
ApiOutput output = null;
// An enabled mock replaces onExecute / execute / afterExecute; consumer resolution
// and validation above have already run at this point.
JsonObject mock = Json.getObject(service.toJson(), ApiService.Spec.Mock);
if (mock != null && Json.getBoolean(mock, ConfigKeys.Enabled, false)) {
output = new JsonApiOutput(Json.getObject(mock, ApiService.Spec.Output));
logInfo(api, "<" + request.getId() + "> Service using mock output");
} else {
// api life cycle - onExecute
api.getSpi().onExecute(api, consumer, service, request, response);
output = service.getSpi().execute(api, consumer, request, response);
// api life cycle - afterExecute
api.getSpi().afterExecute(api, consumer, service, request, response);
}
if (request instanceof ContainerApiRequest) {
// Container requests get the output attached to the request; no media processing here.
request.set(ApiRequest.Output, output);
} else {
response.set(ApiHeaders.ExecutionTime, (System.currentTimeMillis() - request.getTimestamp().getTime()));
if (response.isCommitted()) {
logInfo(api, "<" + request.getId() + "> Response already committed. No media processing required");
long time = System.currentTimeMillis() - request.getTimestamp().getTime();
// The Error.Message key carries the elapsed time on this path.
track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, ApiResponse.OK.getCode()).set(ApiResponse.Error.Message, time));
logInfo(api, " <" + request.getId() + "> ExecTime-Cancel: Service " + Json.getString(service.toJson(), ApiService.Spec.Endpoint) + " - Time " + time + " millis");
return;
}
mediaProcessor.process(api, service, consumer, output, request, response);
}
// Default to OK when the response carries no explicit status.
int iStatus = ApiResponse.OK.getCode();
ApiResponse.Status status = response.getStatus();
if (status != null) {
iStatus = status.getCode();
}
long time = System.currentTimeMillis() - request.getTimestamp().getTime();
track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, iStatus).set(ApiResponse.Error.Message, time));
logInfo(api, "<" + request.getId() + "> ExecTime-Success: Service " + Json.getString(service.toJson(), ApiService.Spec.Endpoint) + " - Time " + time + " millis");
} catch (Throwable th) {
// Catch-all for anything thrown by the life cycle, execution or media processing.
if (response instanceof ContainerApiResponse) {
if (th instanceof ApiServiceExecutionException) {
((ContainerApiResponse) response).setException((ApiServiceExecutionException) th);
} else {
((ContainerApiResponse) response).setException(new ApiServiceExecutionException(th.getMessage(), th));
}
// String [] msg = Lang.toMessage (th);
track.finish((JsonObject) Lang.toError(th).set(ApiResponse.Error.Code, ApiResponse.INTERNAL_SERVER_ERROR.getCode()));
} else {
// Use the status carried by an execution exception, else INTERNAL_SERVER_ERROR.
ApiResponse.Status status = null;
if (th instanceof ApiServiceExecutionException) {
status = ((ApiServiceExecutionException) th).status();
}
if (status == null) {
status = ApiResponse.INTERNAL_SERVER_ERROR;
}
// A validator exception wrapped as the root cause is reported as a validation error.
boolean isValidationError = false;
if (th instanceof ApiServiceExecutionException) {
Throwable rootCause = ((ApiServiceExecutionException) th).getRootCause();
if (rootCause instanceof ApiServiceValidatorException) {
ApiServiceValidatorException vex = (ApiServiceValidatorException) rootCause;
isValidationError = true;
writeValidationError(api, consumer, service, request, response, mediaProcessor, vex);
Object error = null;
if (vex.getFeedback() != null) {
error = vex.getFeedback();
} else {
error = vex.getMessage();
}
track.finish((JsonObject) new JsonObject().set(ApiResponse.Error.Code, ApiResponse.UNPROCESSABLE_ENTITY.getCode()).set(ApiResponse.Error.Message, error));
}
}
if (!isValidationError) {
JsonObject oError = Lang.toError(th);
// logError (api, "<" + request.getId () + "> - Execute Service / Media Processing - caused an error\n" + oError.toString (), null);
// NOTE(review): the error response carries both the message and the Error.Trace value
// from Lang.toError (presumably the stack trace). Returning it to the client exposes
// internal class names and code paths; consider logging the trace server-side and
// sending only the message, unless writeError already strips it. Confirm.
response.error(status, new Object[] { oError.get(ApiResponse.Error.Message), oError.get(ApiResponse.Error.Trace) });
writeError(mediaProcessor, api, consumer, service, request, response);
track.finish((JsonObject) oError.set(ApiResponse.Error.Code, status.getCode()));
}
}
} finally {
// Always release the request, whichever path was taken above.
request.destroy();
}
}