Search in sources :

Example 26 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman by apiman.

the class StandardTLSTest method shouldSucceedWithValidTLS.

/**
 * Scenario:
 *   - CA inherited trust
 *   - gateway trusts API via CA
 *   - API does not evaluate trust
 */
@Test
public void shouldSucceedWithValidTLS() {
    config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/mutual_trust_via_ca/common_ts.jks"));
    config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
    config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "false");
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.DEFAULT, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            if (result.isError())
                throw new RuntimeException(result.getError());
            Assert.assertTrue(result.isSuccess());
        }
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 27 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman by apiman.

the class StandardTLSTest method shouldAllowAllWhenDevMode.

/**
 * Scenario:
 *   - Development mode TLS pass-through. Accepts anything.
 */
@Test
public void shouldAllowAllWhenDevMode() {
    config.put(TLSOptions.TLS_DEVMODE, "true");
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.DEFAULT, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            Assert.assertTrue(result.isSuccess());
        }
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 28 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman by apiman.

the class ApiRequestExecutorImpl method execute.

/**
 * @see io.apiman.gateway.engine.IApiRequestExecutor#execute()
 */
@Override
public void execute() {
    // load the api data based on request
    registry.getApi(request.getApiOrgId(), request.getApiId(), request.getApiVersion(), (IAsyncResult<Api> apiResult) -> {
        if (apiResult.isSuccess()) {
            api = apiResult.getResult();
        } else if (apiResult.isError()) {
            resultHandler.handle(AsyncResultImpl.create(apiResult.getError(), IEngineResult.class));
        }
    });
    // check if api disable key are enabled
    if (api != null && !api.isKeysStrippingDisabled()) {
        // Strip apikey
        stripApiKey();
    }
    // Fill out some of the basic metrics structure.
    requestMetric.setRequestStart(new Date());
    requestMetric.setUrl(request.getUrl());
    requestMetric.setResource(request.getDestination());
    requestMetric.setMethod(request.getType());
    requestMetric.setApiOrgId(request.getApiOrgId());
    requestMetric.setApiId(request.getApiId());
    requestMetric.setApiVersion(request.getApiVersion());
    // Set request metric
    context.setAttribute(PolicyContextKeys.REQUEST_METRIC, requestMetric);
    // Set connector config early (allows mutation of certain connector properties)
    IConnectorConfig connectorConfig = connectorFactory.createConnectorConfig(request, api);
    context.setConnectorConfiguration(connectorConfig);
    // Create the handler that will be called once the policies are asynchronously
    // loaded (can happen this way due to the plugin framework).
    final IAsyncHandler<List<PolicyWithConfiguration>> policiesLoadedHandler = (List<PolicyWithConfiguration> result) -> {
        policyImpls = result;
        // Set up the policy chain request, call #doApply to execute.
        requestChain = createRequestChain((ApiRequest req) -> {
            IConnectorInterceptor connectorInterceptor = context.getConnectorInterceptor();
            IApiConnector connector;
            if (connectorInterceptor == null) {
                connector = connectorFactory.createConnector(req, api, RequiredAuthType.parseType(api), hasDataPolicy, connectorConfig);
            } else {
                connector = connectorInterceptor.createConnector();
            }
            // TODO check for a null connector
            // Open up a connection to the back-end if we're given the OK from the request chain
            requestMetric.setApiStart(new Date());
            // Attach the response handler here.
            apiConnection = connector.connect(req, createApiConnectionResponseHandler());
            // Write the body chunks from the *policy request* into the connector request.
            requestChain.bodyHandler(buffer -> {
                requestMetric.setBytesUploaded(requestMetric.getBytesUploaded() + buffer.length());
                apiConnection.write(buffer);
            });
            // Indicate end from policy chain request to connector request.
            requestChain.endHandler(onEnd -> apiConnection.end());
            // Once we have returned from connector.request, we know it is safe to start
            // writing chunks without buffering. At this point, it is the responsibility
            // of the implementation as to how they should cope with the chunks.
            handleStream();
        });
        requestChain.doApply(request);
    };
    // The handler used when we need to parse the inbound request payload into
    // an object and make it available via the policy context.
    final IAsyncResultHandler<Object> payloadParserHandler = new IAsyncResultHandler<Object>() {

        @Override
        public void handle(IAsyncResult<Object> result) {
            if (result.isSuccess()) {
                final Object payload = result.getResult();
                // Store the parsed object in the policy context.
                context.setAttribute(PolicyContextKeys.REQUEST_PAYLOAD, payload);
                context.setAttribute(PolicyContextKeys.REQUEST_PAYLOAD_IO, payloadIO);
                // Now replace the inbound stream handler with one that uses the payload IO
                // object to re-marshall the (possibly modified) payload object to bytes
                // and sends that (because the *real* inbound stream has already been consumed)
                streamHandler(new IAsyncHandler<ISignalWriteStream>() {

                    @Override
                    public void handle(ISignalWriteStream connectorStream) {
                        try {
                            if (payload == null) {
                                connectorStream.end();
                            } else {
                                payloadIO = context.getAttribute(PolicyContextKeys.REQUEST_PAYLOAD_IO, payloadIO);
                                byte[] data = payloadIO.marshall(payload);
                                IApimanBuffer buffer = bufferFactory.createBuffer(data);
                                connectorStream.write(buffer);
                                connectorStream.end();
                            }
                        } catch (Exception e) {
                            connectorStream.abort(e);
                            throw new RuntimeException(e);
                        }
                    }
                });
                // Load and executes the policies
                loadPolicies(policiesLoadedHandler);
            } else {
                resultHandler.handle(AsyncResultImpl.create(result.getError(), IEngineResult.class));
            }
        }
    };
    // then we lookup the Contract and use that.
    if (request.getApiKey() == null || (api != null && api.isKeysStrippingDisabled())) {
        if (api == null) {
            // $NON-NLS-1$
            ApiNotFoundException error = new ApiNotFoundException(Messages.i18n.format("EngineImpl.ApiNotFound"));
            resultHandler.handle(AsyncResultImpl.create(error, IEngineResult.class));
        } else if (!api.isPublicAPI()) {
            // $NON-NLS-1$
            InvalidApiException error = new InvalidApiException(Messages.i18n.format("EngineImpl.ApiNotPublic"));
            // Forbidden
            error.setStatusCode(403);
            resultHandler.handle(AsyncResultImpl.create(error, IEngineResult.class));
        } else {
            resolvePropertyReplacements(api);
            request.setApi(api);
            policies = api.getApiPolicies();
            policyImpls = new ArrayList<>(policies.size());
            // or a JSON document
            if (api.isParsePayload()) {
                parsePayload(payloadParserHandler);
            } else {
                loadPolicies(policiesLoadedHandler);
            }
        }
    } else {
        String apiOrgId = request.getApiOrgId();
        String apiId = request.getApiId();
        String apiVersion = request.getApiVersion();
        String apiKey = request.getApiKey();
        registry.getContract(apiOrgId, apiId, apiVersion, apiKey, (IAsyncResult<ApiContract> contractResult) -> {
            if (contractResult.isSuccess()) {
                ApiContract apiContract = contractResult.getResult();
                resolvePropertyReplacements(apiContract);
                requestMetric.setClientOrgId(apiContract.getClient().getOrganizationId());
                requestMetric.setClientId(apiContract.getClient().getClientId());
                requestMetric.setClientVersion(apiContract.getClient().getVersion());
                requestMetric.setPlanId(apiContract.getPlan());
                requestMetric.setContractId(request.getApiKey());
                api = apiContract.getApi();
                request.setContract(apiContract);
                request.setApi(api);
                policies = apiContract.getPolicies();
                policyImpls = new ArrayList<>(policies.size());
                if (request.getApiOrgId() != null) {
                    try {
                        validateRequest(request);
                    } catch (InvalidContractException e) {
                        resultHandler.handle(AsyncResultImpl.create(e, IEngineResult.class));
                        return;
                    }
                }
                // or a JSON document
                if (api.isParsePayload()) {
                    parsePayload(payloadParserHandler);
                } else {
                    // Load and executes the policies
                    loadPolicies(policiesLoadedHandler);
                }
            } else {
                resultHandler.handle(AsyncResultImpl.create(contractResult.getError(), IEngineResult.class));
            }
        });
    }
}
Also used : IApimanBuffer(io.apiman.gateway.engine.io.IApimanBuffer) IEngineResult(io.apiman.gateway.engine.IEngineResult) ApiNotFoundException(io.apiman.gateway.engine.beans.exceptions.ApiNotFoundException) ArrayList(java.util.ArrayList) IAsyncResultHandler(io.apiman.gateway.engine.async.IAsyncResultHandler) ApiRequest(io.apiman.gateway.engine.beans.ApiRequest) InvalidApiException(io.apiman.gateway.engine.beans.exceptions.InvalidApiException) List(java.util.List) ArrayList(java.util.ArrayList) InvalidContractException(io.apiman.gateway.engine.beans.exceptions.InvalidContractException) IConnectorConfig(io.apiman.gateway.engine.IConnectorConfig) ISignalWriteStream(io.apiman.gateway.engine.io.ISignalWriteStream) IApiConnector(io.apiman.gateway.engine.IApiConnector) Date(java.util.Date) RequestAbortedException(io.apiman.gateway.engine.beans.exceptions.RequestAbortedException) InvalidApiException(io.apiman.gateway.engine.beans.exceptions.InvalidApiException) InvalidContractException(io.apiman.gateway.engine.beans.exceptions.InvalidContractException) ApiNotFoundException(io.apiman.gateway.engine.beans.exceptions.ApiNotFoundException) IConnectorInterceptor(io.apiman.gateway.engine.policy.IConnectorInterceptor) IAsyncResult(io.apiman.gateway.engine.async.IAsyncResult) PolicyWithConfiguration(io.apiman.gateway.engine.policy.PolicyWithConfiguration) ApiContract(io.apiman.gateway.engine.beans.ApiContract)

Example 29 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman-plugins by apiman.

the class CorsPolicy method doApply.

/* (non-Javadoc)
     * @see io.apiman.gateway.engine.policies.AbstractMappedPolicy#doApply(ApiRequest, IPolicyContext, C, IPolicyChain)
     */
@Override
protected void doApply(final ApiRequest request, final IPolicyContext context, final CorsConfigBean config, final IPolicyChain<ApiRequest> chain) {
    // Is this request CORS enabled? If not, skip.
    if (CorsConnector.candidateCorsRequest(request)) {
        final CorsConnector corsConnector = new CorsConnector(request, config, context.getComponent(IPolicyFailureFactoryComponent.class));
        // We only need to set the short-circuit connector if it's a pre-flight request.
        if (corsConnector.isShortcircuit()) {
            context.setConnectorInterceptor(new IConnectorInterceptor() {

                @Override
                public IApiConnector createConnector() {
                    return corsConnector;
                }
            });
            chain.doSkip(request);
        } else {
            setResponseHeaders(context, corsConnector.getResponseHeaders());
            if (corsConnector.isFailure()) {
                chain.doFailure(corsConnector.getFailure());
            } else {
                chain.doApply(request);
            }
        }
    } else {
        chain.doApply(request);
    }
}
Also used : IConnectorInterceptor(io.apiman.gateway.engine.policy.IConnectorInterceptor) IPolicyFailureFactoryComponent(io.apiman.gateway.engine.components.IPolicyFailureFactoryComponent) IApiConnector(io.apiman.gateway.engine.IApiConnector)

Aggregations

IApiConnector (io.apiman.gateway.engine.IApiConnector)29 IApiConnection (io.apiman.gateway.engine.IApiConnection)26 ConnectorConfigImpl (io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl)26 HttpConnectorFactory (io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory)26 Test (org.junit.Test)26 IApiConnectionResponse (io.apiman.gateway.engine.IApiConnectionResponse)19 IAsyncResult (io.apiman.gateway.engine.async.IAsyncResult)9 ConnectorException (io.apiman.gateway.engine.beans.exceptions.ConnectorException)6 IConnectorConfig (io.apiman.gateway.engine.IConnectorConfig)2 IEngineResult (io.apiman.gateway.engine.IEngineResult)2 IAsyncResultHandler (io.apiman.gateway.engine.async.IAsyncResultHandler)2 ApiRequest (io.apiman.gateway.engine.beans.ApiRequest)2 IApimanBuffer (io.apiman.gateway.engine.io.IApimanBuffer)2 ISignalWriteStream (io.apiman.gateway.engine.io.ISignalWriteStream)2 IConnectorInterceptor (io.apiman.gateway.engine.policy.IConnectorInterceptor)2 FileInputStream (java.io.FileInputStream)2 InputStream (java.io.InputStream)2 X509Certificate (java.security.cert.X509Certificate)2 IApiRequestExecutor (io.apiman.gateway.engine.IApiRequestExecutor)1 IConnectorFactory (io.apiman.gateway.engine.IConnectorFactory)1