Search in sources :

Example 1 with ConnectorException

use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.

the class ErrorHandler method handleConnectionError.

/**
 * This method handles a connection error that was caused while connecting the gateway to the backend.
 *
 * @param error the connection error to be handled
 * @return a new ConnectorException
 */
public static ConnectorException handleConnectionError(Throwable error) {
    ConnectorException ce = null;
    if (error instanceof UnknownHostException || error instanceof ConnectException || error instanceof NoRouteToHostException) {
        // $NON-NLS-1$
        ce = new ConnectorException("Unable to connect to backend", error);
        // BAD GATEWAY
        ce.setStatusCode(502);
    } else if (error instanceof InterruptedIOException || error instanceof java.util.concurrent.TimeoutException) {
        // $NON-NLS-1$
        ce = new ConnectorException("Connection to backend terminated. " + error.getMessage(), error);
        // GATEWAY TIMEOUT
        ce.setStatusCode(504);
    }
    if (ce != null) {
        return ce;
    } else {
        return new ConnectorException(error.getMessage(), error);
    }
}
Also used : InterruptedIOException(java.io.InterruptedIOException) UnknownHostException(java.net.UnknownHostException) ConnectorException(io.apiman.gateway.engine.beans.exceptions.ConnectorException) NoRouteToHostException(java.net.NoRouteToHostException) ConnectException(java.net.ConnectException)

Example 2 with ConnectorException

use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.

the class BasicMutualAuthTest method shouldFailWhenGatewayDoesNotTrustApi.

/**
 * Scenario:
 *   - no CA inherited trust
 *   - gateway does <em>not</em> trust the API
 *   - API trusts gateway certificate
 */
@Test
public void shouldFailWhenGatewayDoesNotTrustApi() {
    config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/basic_mutual_auth_2/gateway_ts.jks"));
    config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/basic_mutual_auth_2/gateway_ks.jks"));
    config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
    config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
    config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "false");
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, (IAsyncResult<IApiConnectionResponse> result) -> {
        Assert.assertTrue(result.isError());
        System.out.println(result.getError());
        Assert.assertTrue(result.getError() instanceof ConnectorException);
    // Would like to assert on SSL error, but is sun specific info
    // TODO improve connector to handle this situation better
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorException(io.apiman.gateway.engine.beans.exceptions.ConnectorException) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IAsyncResult(io.apiman.gateway.engine.async.IAsyncResult) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 3 with ConnectorException

use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.

the class StandardTLSTest method shouldFailWhenCANotTrusted.

/**
 * Scenario:
 *   - CA is only in API trust store, missing from gateway trust store
 *   - Gateway does not trust API, as it does not trust CA
 *   - API trusts gateway via CA
 */
@Test
public void shouldFailWhenCANotTrusted() {
    // Keystore does not trust the root CA API is signed with.
    config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/basic_mutual_auth/gateway_ts.jks"));
    config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
    config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "false");
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.DEFAULT, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            Assert.assertTrue(result.isError());
            System.out.println(result.getError());
            Assert.assertTrue(result.getError() instanceof ConnectorException);
        }
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorException(io.apiman.gateway.engine.beans.exceptions.ConnectorException) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 4 with ConnectorException

use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.

the class HttpApiConnection method handleConnectionError.

private void handleConnectionError(Exception error) {
    ConnectorException ce = ErrorHandler.handleConnectionError(error);
    LOGGER.error(error.getMessage(), error);
    throw ce;
}
Also used : ConnectorException(io.apiman.gateway.engine.beans.exceptions.ConnectorException)

Example 5 with ConnectorException

use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.

the class HttpApiConnection method connect.

/**
 * Connects to the back end system.
 */
private void connect() throws ConnectorException {
    try {
        String endpoint = ApimanPathUtils.join(api.getEndpoint(), request.getDestination());
        if (request.getQueryParams() != null && !request.getQueryParams().isEmpty()) {
            // $NON-NLS-1$
            String delim = "?";
            for (Entry<String, String> entry : request.getQueryParams()) {
                endpoint += delim + entry.getKey();
                if (entry.getValue() != null) {
                    // $NON-NLS-1$ //$NON-NLS-2$
                    endpoint += "=" + URLEncoder.encode(entry.getValue(), "UTF-8");
                }
                // $NON-NLS-1$
                delim = "&";
            }
        }
        URL url = new URL(endpoint);
        OkUrlFactory factory = new OkUrlFactory(client);
        connection = factory.open(url);
        boolean isSsl = connection instanceof HttpsURLConnection;
        if (requiredAuthType == RequiredAuthType.MTLS && !isSsl) {
            // $NON-NLS-1$
            throw new ConnectorException("Mutually authenticating TLS requested, but insecure endpoint protocol was indicated.");
        }
        if (requiredAuthType == RequiredAuthType.BASIC) {
            BasicAuthOptions options = new BasicAuthOptions(api.getEndpointProperties());
            if (options.getUsername() != null && options.getPassword() != null) {
                if (options.isRequireSSL() && !isSsl) {
                    // $NON-NLS-1$
                    throw new ConnectorException("Endpoint security requested (BASIC auth) but endpoint is not secure (SSL).");
                }
                String up = options.getUsername() + ':' + options.getPassword();
                StringBuilder builder = new StringBuilder();
                // $NON-NLS-1$
                builder.append("Basic ");
                builder.append(Base64.encodeBase64String(up.getBytes()));
                // $NON-NLS-1$
                connection.setRequestProperty("Authorization", builder.toString());
                // $NON-NLS-1$
                connectorConfig.suppressRequestHeader("Authorization");
            }
        }
        if (hasDataPolicy) {
            // $NON-NLS-1$
            connectorConfig.suppressRequestHeader("Content-Length");
        }
        if (isSsl) {
            HttpsURLConnection https = (HttpsURLConnection) connection;
            SSLSocketFactory socketFactory = sslStrategy.getSocketFactory();
            https.setSSLSocketFactory(socketFactory);
            https.setHostnameVerifier(sslStrategy.getHostnameVerifier());
        }
        setConnectTimeout(connection);
        setReadTimeout(connection);
        if (request.getType().equalsIgnoreCase("PUT") || request.getType().equalsIgnoreCase("POST")) {
            // $NON-NLS-1$ //$NON-NLS-2$
            connection.setDoOutput(true);
        } else {
            connection.setDoOutput(false);
        }
        connection.setDoInput(true);
        connection.setUseCaches(false);
        connection.setRequestMethod(request.getType());
        // Set the request headers
        for (Entry<String, String> entry : request.getHeaders()) {
            String hkey = entry.getKey();
            String hval = entry.getValue();
            if (!connectorConfig.getSuppressedRequestHeaders().contains(hkey)) {
                connection.addRequestProperty(hkey, hval);
            }
        }
        // Set or reset mandatory headers
        // $NON-NLS-1$
        connection.setRequestProperty("Host", url.getHost() + determinePort(url));
        connection.connect();
        connected = true;
    } catch (IOException error) {
        handleConnectionError(error);
    }
}
Also used : OkUrlFactory(io.apiman.gateway.platforms.servlet.connectors.ok.OkUrlFactory) BasicAuthOptions(io.apiman.common.config.options.BasicAuthOptions) ConnectorException(io.apiman.gateway.engine.beans.exceptions.ConnectorException) IOException(java.io.IOException) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) URL(java.net.URL) HttpsURLConnection(javax.net.ssl.HttpsURLConnection)

Aggregations

ConnectorException (io.apiman.gateway.engine.beans.exceptions.ConnectorException)9 IApiConnection (io.apiman.gateway.engine.IApiConnection)6 IApiConnector (io.apiman.gateway.engine.IApiConnector)6 ConnectorConfigImpl (io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl)6 HttpConnectorFactory (io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory)6 Test (org.junit.Test)6 IApiConnectionResponse (io.apiman.gateway.engine.IApiConnectionResponse)4 IAsyncResult (io.apiman.gateway.engine.async.IAsyncResult)2 BasicAuthOptions (io.apiman.common.config.options.BasicAuthOptions)1 OkUrlFactory (io.apiman.gateway.platforms.servlet.connectors.ok.OkUrlFactory)1 IOException (java.io.IOException)1 InterruptedIOException (java.io.InterruptedIOException)1 ConnectException (java.net.ConnectException)1 NoRouteToHostException (java.net.NoRouteToHostException)1 URL (java.net.URL)1 UnknownHostException (java.net.UnknownHostException)1 HttpsURLConnection (javax.net.ssl.HttpsURLConnection)1 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)1