use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.
the class ErrorHandler method handleConnectionError.
/**
* This method handles a connection error that was caused while connecting the gateway to the backend.
*
* @param error the connection error to be handled
* @return a new ConnectorException
*/
public static ConnectorException handleConnectionError(Throwable error) {
ConnectorException ce = null;
if (error instanceof UnknownHostException || error instanceof ConnectException || error instanceof NoRouteToHostException) {
// $NON-NLS-1$
ce = new ConnectorException("Unable to connect to backend", error);
// BAD GATEWAY
ce.setStatusCode(502);
} else if (error instanceof InterruptedIOException || error instanceof java.util.concurrent.TimeoutException) {
// $NON-NLS-1$
ce = new ConnectorException("Connection to backend terminated. " + error.getMessage(), error);
// GATEWAY TIMEOUT
ce.setStatusCode(504);
}
if (ce != null) {
return ce;
} else {
return new ConnectorException(error.getMessage(), error);
}
}
use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.
the class BasicMutualAuthTest method shouldFailWhenGatewayDoesNotTrustApi.
/**
* Scenario:
* - no CA inherited trust
* - gateway does <em>not</em> trust the API
* - API trusts gateway certificate
*/
@Test
public void shouldFailWhenGatewayDoesNotTrustApi() {
config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/basic_mutual_auth_2/gateway_ts.jks"));
config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/basic_mutual_auth_2/gateway_ks.jks"));
config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "false");
HttpConnectorFactory factory = new HttpConnectorFactory(config);
IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
IApiConnection connection = connector.connect(request, (IAsyncResult<IApiConnectionResponse> result) -> {
Assert.assertTrue(result.isError());
System.out.println(result.getError());
Assert.assertTrue(result.getError() instanceof ConnectorException);
// Would like to assert on SSL error, but is sun specific info
// TODO improve connector to handle this situation better
});
connection.end();
}
use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.
the class StandardTLSTest method shouldFailWhenCANotTrusted.
/**
* Scenario:
* - CA is only in API trust store, missing from gateway trust store
* - Gateway does not trust API, as it does not trust CA
* - API trusts gateway via CA
*/
@Test
public void shouldFailWhenCANotTrusted() {
// Keystore does not trust the root CA API is signed with.
config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/basic_mutual_auth/gateway_ts.jks"));
config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "false");
HttpConnectorFactory factory = new HttpConnectorFactory(config);
IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.DEFAULT, false, new ConnectorConfigImpl());
IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {
@Override
public void handle(IAsyncResult<IApiConnectionResponse> result) {
Assert.assertTrue(result.isError());
System.out.println(result.getError());
Assert.assertTrue(result.getError() instanceof ConnectorException);
}
});
connection.end();
}
use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.
the class HttpApiConnection method handleConnectionError.
private void handleConnectionError(Exception error) {
ConnectorException ce = ErrorHandler.handleConnectionError(error);
LOGGER.error(error.getMessage(), error);
throw ce;
}
use of io.apiman.gateway.engine.beans.exceptions.ConnectorException in project apiman by apiman.
the class HttpApiConnection method connect.
/**
* Connects to the back end system.
*/
private void connect() throws ConnectorException {
try {
String endpoint = ApimanPathUtils.join(api.getEndpoint(), request.getDestination());
if (request.getQueryParams() != null && !request.getQueryParams().isEmpty()) {
// $NON-NLS-1$
String delim = "?";
for (Entry<String, String> entry : request.getQueryParams()) {
endpoint += delim + entry.getKey();
if (entry.getValue() != null) {
// $NON-NLS-1$ //$NON-NLS-2$
endpoint += "=" + URLEncoder.encode(entry.getValue(), "UTF-8");
}
// $NON-NLS-1$
delim = "&";
}
}
URL url = new URL(endpoint);
OkUrlFactory factory = new OkUrlFactory(client);
connection = factory.open(url);
boolean isSsl = connection instanceof HttpsURLConnection;
if (requiredAuthType == RequiredAuthType.MTLS && !isSsl) {
// $NON-NLS-1$
throw new ConnectorException("Mutually authenticating TLS requested, but insecure endpoint protocol was indicated.");
}
if (requiredAuthType == RequiredAuthType.BASIC) {
BasicAuthOptions options = new BasicAuthOptions(api.getEndpointProperties());
if (options.getUsername() != null && options.getPassword() != null) {
if (options.isRequireSSL() && !isSsl) {
// $NON-NLS-1$
throw new ConnectorException("Endpoint security requested (BASIC auth) but endpoint is not secure (SSL).");
}
String up = options.getUsername() + ':' + options.getPassword();
StringBuilder builder = new StringBuilder();
// $NON-NLS-1$
builder.append("Basic ");
builder.append(Base64.encodeBase64String(up.getBytes()));
// $NON-NLS-1$
connection.setRequestProperty("Authorization", builder.toString());
// $NON-NLS-1$
connectorConfig.suppressRequestHeader("Authorization");
}
}
if (hasDataPolicy) {
// $NON-NLS-1$
connectorConfig.suppressRequestHeader("Content-Length");
}
if (isSsl) {
HttpsURLConnection https = (HttpsURLConnection) connection;
SSLSocketFactory socketFactory = sslStrategy.getSocketFactory();
https.setSSLSocketFactory(socketFactory);
https.setHostnameVerifier(sslStrategy.getHostnameVerifier());
}
setConnectTimeout(connection);
setReadTimeout(connection);
if (request.getType().equalsIgnoreCase("PUT") || request.getType().equalsIgnoreCase("POST")) {
// $NON-NLS-1$ //$NON-NLS-2$
connection.setDoOutput(true);
} else {
connection.setDoOutput(false);
}
connection.setDoInput(true);
connection.setUseCaches(false);
connection.setRequestMethod(request.getType());
// Set the request headers
for (Entry<String, String> entry : request.getHeaders()) {
String hkey = entry.getKey();
String hval = entry.getValue();
if (!connectorConfig.getSuppressedRequestHeaders().contains(hkey)) {
connection.addRequestProperty(hkey, hval);
}
}
// Set or reset mandatory headers
// $NON-NLS-1$
connection.setRequestProperty("Host", url.getHost() + determinePort(url));
connection.connect();
connected = true;
} catch (IOException error) {
handleConnectionError(error);
}
}
Aggregations