
Example 1 with SubscriptionRepository

use of io.gravitee.repository.management.api.SubscriptionRepository in project gravitee-gateway by gravitee-io.

the class CheckSubscriptionPolicyTest method shouldReturnUnauthorized_noClient.

/**
 * Checks that a request is rejected with 401 when the execution context carries no client_id
 * attribute, even though the repository hands back a subscription.
 */
@Test
public void shouldReturnUnauthorized_noClient() throws PolicyException, TechnicalException {
    // Collaborators. No client_id attribute is stubbed on the context, so the mock returns null for it.
    final Request req = mock(Request.class);
    final Response resp = mock(Response.class);
    final PolicyChain chain = mock(PolicyChain.class);
    final ExecutionContext ctx = mock(ExecutionContext.class);
    final SubscriptionRepository repository = mock(SubscriptionRepository.class);
    final Subscription foreignSubscription = mock(Subscription.class);

    when(resp.headers()).thenReturn(mock(HttpHeaders.class));
    when(ctx.getComponent(SubscriptionRepository.class)).thenReturn(repository);
    // The lookup still yields a subscription, but it is bound to a different client.
    when(foreignSubscription.getClientId()).thenReturn("my-bad-client-id");
    when(repository.search(any(SubscriptionCriteria.class))).thenReturn(Collections.singletonList(foreignSubscription));

    new CheckSubscriptionPolicy().onRequest(req, resp, chain, ctx);

    // The chain must be failed exactly once, with an HTTP 401 result.
    verify(chain, times(1)).failWith(argThat(statusCode(HttpStatusCode.UNAUTHORIZED_401)));
}
Also used : Response(io.gravitee.gateway.api.Response) HttpHeaders(io.gravitee.common.http.HttpHeaders) PolicyChain(io.gravitee.policy.api.PolicyChain) ExecutionContext(io.gravitee.gateway.api.ExecutionContext) SubscriptionRepository(io.gravitee.repository.management.api.SubscriptionRepository) Request(io.gravitee.gateway.api.Request) SubscriptionCriteria(io.gravitee.repository.management.api.search.SubscriptionCriteria) Subscription(io.gravitee.repository.management.model.Subscription) Test(org.junit.Test)

Example 2 with SubscriptionRepository

use of io.gravitee.repository.management.api.SubscriptionRepository in project gravitee-gateway by gravitee-io.

the class CheckSubscriptionPolicyTest method shouldReturnUnauthorized_onException.

/**
 * Checks that a repository failure is answered with 401 rather than letting the request through:
 * the subscription search throws and the policy must still fail the chain.
 */
@Test
public void shouldReturnUnauthorized_onException() throws PolicyException, TechnicalException {
    final Request req = mock(Request.class);
    final Response resp = mock(Response.class);
    final PolicyChain chain = mock(PolicyChain.class);
    final ExecutionContext ctx = mock(ExecutionContext.class);
    final SubscriptionRepository repository = mock(SubscriptionRepository.class);

    // A client_id is present, so the policy gets as far as querying the repository.
    when(ctx.getAttribute(CheckSubscriptionPolicy.CONTEXT_ATTRIBUTE_CLIENT_ID)).thenReturn("my-client-id");
    when(ctx.getComponent(SubscriptionRepository.class)).thenReturn(repository);
    // Simulate the backing store being unavailable.
    when(repository.search(any(SubscriptionCriteria.class))).thenThrow(TechnicalException.class);

    new CheckSubscriptionPolicy().onRequest(req, resp, chain, ctx);

    // Fail-closed expectation: exactly one failure, carrying HTTP 401.
    verify(chain, times(1)).failWith(argThat(statusCode(HttpStatusCode.UNAUTHORIZED_401)));
}
Also used : Response(io.gravitee.gateway.api.Response) PolicyChain(io.gravitee.policy.api.PolicyChain) ExecutionContext(io.gravitee.gateway.api.ExecutionContext) SubscriptionRepository(io.gravitee.repository.management.api.SubscriptionRepository) Request(io.gravitee.gateway.api.Request) SubscriptionCriteria(io.gravitee.repository.management.api.search.SubscriptionCriteria) Test(org.junit.Test)

Example 3 with SubscriptionRepository

use of io.gravitee.repository.management.api.SubscriptionRepository in project gravitee-gateway by gravitee-io.

the class CheckSubscriptionPolicy method onRequest.

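/**
 * Lets the request continue only when an accepted, unexpired subscription exists for the plan and
 * client_id found in the execution context; every other outcome is rejected through
 * {@code sendUnauthorized}.
 *
 * <p>On success the subscription's application and id are stored in the execution context under
 * {@code ATTR_APPLICATION} and {@code ATTR_USER_ID} before the chain proceeds.
 *
 * @param request the incoming request; its timestamp is the reference instant for expiry
 * @param response the response handed to the next policy on success
 * @param policyChain the chain to continue or to fail
 * @param executionContext source of the plan, the client_id and the {@link SubscriptionRepository}
 * @throws PolicyException declared by the overridden method; not raised directly by this body
 */
@Override
protected void onRequest(Request request, Response response, PolicyChain policyChain, ExecutionContext executionContext) throws PolicyException {
    String clientId = (String) executionContext.getAttribute(CONTEXT_ATTRIBUTE_CLIENT_ID);
    // Fail closed before querying: without a client_id the search cannot be pinned to a caller.
    // This yields the same access_denied answer the no-match path below gives.
    if (clientId == null || clientId.trim().isEmpty()) {
        sendUnauthorized(policyChain, OAUTH2_ERROR_ACCESS_DENIED);
        return;
    }

    SubscriptionRepository subscriptionRepository = executionContext.getComponent(SubscriptionRepository.class);
    String plan = (String) executionContext.getAttribute(ExecutionContext.ATTR_PLAN);
    try {
        List<Subscription> subscriptions = subscriptionRepository.search(new SubscriptionCriteria.Builder().plans(Collections.singleton(plan)).clientId(clientId).status(Subscription.Status.ACCEPTED).build());
        if (subscriptions != null && !subscriptions.isEmpty()) {
            // NOTE(review): only the first result is evaluated. If the search can return several
            // accepted subscriptions, an expired first entry denies the request even when a later
            // one is still valid. Confirm ordering/uniqueness with the repository.
            Subscription subscription = subscriptions.get(0);
            Date endingAt = subscription.getEndingAt();
            // Re-check the client binding locally instead of trusting the repository filter alone.
            // clientId is the receiver so a subscription without a client id is denied, not an NPE.
            boolean sameClient = clientId.equals(subscription.getClientId());
            // A subscription with no end date never expires.
            boolean stillValid = endingAt == null || endingAt.after(Date.from(request.timestamp()));
            if (sameClient && stillValid) {
                executionContext.setAttribute(ExecutionContext.ATTR_APPLICATION, subscription.getApplication());
                executionContext.setAttribute(ExecutionContext.ATTR_USER_ID, subscription.getId());
                policyChain.doNext(request, response);
                return;
            }
        }
        // As per https://tools.ietf.org/html/rfc6749#section-4.1.2.1
        sendUnauthorized(policyChain, OAUTH2_ERROR_ACCESS_DENIED);
    } catch (TechnicalException te) {
        // A repository failure must never let the request through.
        // NOTE(review): the exception is dropped without being logged, so an outage looks like an
        // ordinary denial. Consider logging it if a logger is available in this class.
        // As per https://tools.ietf.org/html/rfc6749#section-4.1.2.1
        sendUnauthorized(policyChain, OAUTH2_ERROR_SERVER_ERROR);
    }
}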
Also used : SubscriptionRepository(io.gravitee.repository.management.api.SubscriptionRepository) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) SubscriptionCriteria(io.gravitee.repository.management.api.search.SubscriptionCriteria) Subscription(io.gravitee.repository.management.model.Subscription)

Example 4 with SubscriptionRepository

use of io.gravitee.repository.management.api.SubscriptionRepository in project gravitee-gateway by gravitee-io.

the class CheckSubscriptionPolicyTest method shouldContinue.

/**
 * Checks the accept path: the context's client_id matches the client id of the subscription the
 * repository returns, so the policy must hand the request to the next element of the chain.
 */
@Test
public void shouldContinue() throws PolicyException, TechnicalException {
    final Request req = mock(Request.class);
    final Response resp = mock(Response.class);
    final PolicyChain chain = mock(PolicyChain.class);
    final ExecutionContext ctx = mock(ExecutionContext.class);
    final SubscriptionRepository repository = mock(SubscriptionRepository.class);
    final Subscription matchingSubscription = mock(Subscription.class);

    // Caller identity as it appears in the execution context.
    when(ctx.getAttribute(CheckSubscriptionPolicy.CONTEXT_ATTRIBUTE_CLIENT_ID)).thenReturn("my-client-id");
    when(ctx.getComponent(SubscriptionRepository.class)).thenReturn(repository);
    // Subscription bound to the same client. Its end date is left unstubbed (null), i.e. no expiry.
    when(matchingSubscription.getClientId()).thenReturn("my-client-id");
    when(repository.search(any(SubscriptionCriteria.class))).thenReturn(Collections.singletonList(matchingSubscription));

    new CheckSubscriptionPolicy().onRequest(req, resp, chain, ctx);

    // The request must be forwarded exactly once with the original request/response pair.
    verify(chain, times(1)).doNext(req, resp);
}
Also used : Response(io.gravitee.gateway.api.Response) PolicyChain(io.gravitee.policy.api.PolicyChain) ExecutionContext(io.gravitee.gateway.api.ExecutionContext) SubscriptionRepository(io.gravitee.repository.management.api.SubscriptionRepository) Request(io.gravitee.gateway.api.Request) SubscriptionCriteria(io.gravitee.repository.management.api.search.SubscriptionCriteria) Subscription(io.gravitee.repository.management.model.Subscription) Test(org.junit.Test)

Example 5 with SubscriptionRepository

use of io.gravitee.repository.management.api.SubscriptionRepository in project gravitee-gateway by gravitee-io.

the class CheckSubscriptionPolicy method onRequest.

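/**
 * Lets the request continue only when an accepted, unexpired subscription exists for the plan and
 * client_id found in the execution context.
 *
 * <p>A missing or blank client_id is rejected up front through {@code sendError} with the
 * {@code invalid_client} error. A lookup with no usable match is rejected through
 * {@code sendUnauthorized} with {@code OAUTH2_ERROR_ACCESS_DENIED}, and a repository failure with
 * {@code OAUTH2_ERROR_SERVER_ERROR}. On success the subscription's application and id are stored in
 * the execution context under {@code ATTR_APPLICATION} and {@code ATTR_USER_ID}.
 *
 * @param request the incoming request; its timestamp is the reference instant for expiry
 * @param response the response passed to {@code sendError} and to the next policy
 * @param policyChain the chain to continue or to fail
 * @param executionContext source of the plan, the client_id and the {@link SubscriptionRepository}
 * @throws PolicyException declared by the overridden method; not raised directly by this body
 */
@Override
protected void onRequest(Request request, Response response, PolicyChain policyChain, ExecutionContext executionContext) throws PolicyException {
    SubscriptionRepository subscriptionRepository = executionContext.getComponent(SubscriptionRepository.class);
    // The client_id is read first: without it the lookup cannot be pinned to a caller.
    String clientId = (String) executionContext.getAttribute(CONTEXT_ATTRIBUTE_CLIENT_ID);
    if (clientId == null || clientId.trim().isEmpty()) {
        sendError(response, policyChain, "invalid_client", "No client_id was supplied");
        return;
    }
    String plan = (String) executionContext.getAttribute(ExecutionContext.ATTR_PLAN);
    try {
        List<Subscription> subscriptions = subscriptionRepository.search(new SubscriptionCriteria.Builder().plans(Collections.singleton(plan)).clientId(clientId).status(Subscription.Status.ACCEPTED).build());
        if (subscriptions != null && !subscriptions.isEmpty()) {
            // NOTE(review): only the first result is evaluated. If the search can return several
            // accepted subscriptions, an expired first entry denies the request even when a later
            // one is still valid. Confirm ordering/uniqueness with the repository.
            Subscription subscription = subscriptions.get(0);
            Date endingAt = subscription.getEndingAt();
            // Re-check the client binding locally instead of trusting the repository filter alone.
            // clientId is the receiver so a subscription without a client id is denied, not an NPE.
            boolean sameClient = clientId.equals(subscription.getClientId());
            // A subscription with no end date never expires.
            boolean stillValid = endingAt == null || endingAt.after(Date.from(request.timestamp()));
            if (sameClient && stillValid) {
                executionContext.setAttribute(ExecutionContext.ATTR_APPLICATION, subscription.getApplication());
                executionContext.setAttribute(ExecutionContext.ATTR_USER_ID, subscription.getId());
                policyChain.doNext(request, response);
                return;
            }
        }
        // As per https://tools.ietf.org/html/rfc6749#section-4.1.2.1
        sendUnauthorized(policyChain, OAUTH2_ERROR_ACCESS_DENIED);
    } catch (TechnicalException te) {
        // A repository failure must never let the request through.
        // NOTE(review): the exception is dropped without being logged, so an outage looks like an
        // ordinary denial. Consider logging it if a logger is available in this class.
        // As per https://tools.ietf.org/html/rfc6749#section-4.1.2.1
        sendUnauthorized(policyChain, OAUTH2_ERROR_SERVER_ERROR);
    }
}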
Also used : SubscriptionRepository(io.gravitee.repository.management.api.SubscriptionRepository) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) SubscriptionCriteria(io.gravitee.repository.management.api.search.SubscriptionCriteria) Subscription(io.gravitee.repository.management.model.Subscription)

Aggregations

SubscriptionRepository (io.gravitee.repository.management.api.SubscriptionRepository)9 SubscriptionCriteria (io.gravitee.repository.management.api.search.SubscriptionCriteria)9 ExecutionContext (io.gravitee.gateway.api.ExecutionContext)7 Request (io.gravitee.gateway.api.Request)7 Response (io.gravitee.gateway.api.Response)7 PolicyChain (io.gravitee.policy.api.PolicyChain)7 Subscription (io.gravitee.repository.management.model.Subscription)7 Test (org.junit.Test)7 TechnicalException (io.gravitee.repository.exceptions.TechnicalException)2 HttpHeaders (io.gravitee.common.http.HttpHeaders)1