
Example 1 with SecuritySchemeDefinition

Use of io.swagger.models.auth.SecuritySchemeDefinition in project carbon-apimgt by wso2.

Class APIDefinitionFromSwagger20, method removeScopeFromSwaggerDefinition.

@Override
public String removeScopeFromSwaggerDefinition(String resourceConfigJSON, String name) {
    SwaggerParser swaggerParser = new SwaggerParser();
    Swagger swagger = swaggerParser.parse(resourceConfigJSON);
    Map<String, SecuritySchemeDefinition> securitySchemeDefinitionMap = swagger.getSecurityDefinitions();
    if (securitySchemeDefinitionMap != null && !securitySchemeDefinitionMap.isEmpty()) {
        OAuth2Definition oAuth2Definition = (OAuth2Definition) securitySchemeDefinitionMap.get(APIMgtConstants.OAUTH2SECURITY);
        if (oAuth2Definition != null) {
            // Remove the scope from the Swagger security definition (the scopes map may be absent)
            if (oAuth2Definition.getScopes() != null) {
                oAuth2Definition.getScopes().remove(name);
            }
            // Finding Security requirements at root level
            List<SecurityRequirement> securityRequirements = swagger.getSecurity();
            if (securityRequirements != null && !securityRequirements.isEmpty()) {
                // Get List of Security Requirements
                Iterator<SecurityRequirement> securityRequirementIterator = securityRequirements.iterator();
                while (securityRequirementIterator.hasNext()) {
                    SecurityRequirement securityRequirement = securityRequirementIterator.next();
                    Map<String, List<String>> secListMap = securityRequirement.getRequirements();
                    // get Oauth2Security scopes
                    List<String> scopesList = secListMap.get(APIMgtConstants.OAUTH2SECURITY);
                    if (scopesList != null) {
                        // Remove Scope from root level
                        scopesList.remove(name);
                    }
                    // Check whether the root-level requirement has no schemes left.
                    // The OAuth2 key stays in the map even when its scope list is now empty.
                    if (securityRequirement.getRequirements().isEmpty()) {
                        // Remove the empty root-level requirement
                        securityRequirementIterator.remove();
                    }
                }
                if (securityRequirements.isEmpty()) {
                    // Remove root level security
                    swagger.setSecurity(null);
                }
            }
            Map<String, Path> pathMap = swagger.getPaths();
            if (pathMap != null && !pathMap.isEmpty()) {
                for (Map.Entry<String, Path> pathEntry : pathMap.entrySet()) {
                    Path path = pathEntry.getValue();
                    List<Operation> operationList = path.getOperations();
                    for (Operation operation : operationList) {
                        List<Map<String, List<String>>> operationSecurityList = operation.getSecurity();
                        if (operationSecurityList != null && !operationSecurityList.isEmpty()) {
                            Iterator<Map<String, List<String>>> securityMapIterator = operationSecurityList.iterator();
                            while (securityMapIterator.hasNext()) {
                                Map<String, List<String>> securityMap = securityMapIterator.next();
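                                List<String> scopesList = securityMap.get(APIMgtConstants.OAUTH2SECURITY);
                                // The requirement may reference a scheme other than OAuth2
                                if (scopesList == null) {
                                    continue;
                                }
                                scopesList.remove(name);
                                if (scopesList.isEmpty()) {
                                    securityMapIterator.remove();
                                }
                            }
                            if (operationSecurityList.isEmpty()) {
                                // No requirements left: the operation falls back to root-level security, if any
                                operation.setSecurity(null);
                            }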
                        }
                    }
                }
            }
        }
    }
    return Json.pretty(swagger);
}
Also used : Path(io.swagger.models.Path) OAuth2Definition(io.swagger.models.auth.OAuth2Definition) SecuritySchemeDefinition(io.swagger.models.auth.SecuritySchemeDefinition) Operation(io.swagger.models.Operation) SwaggerParser(io.swagger.parser.SwaggerParser) Swagger(io.swagger.models.Swagger) List(java.util.List) ArrayList(java.util.ArrayList) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) SecurityRequirement(io.swagger.models.SecurityRequirement)

Example 2 with SecuritySchemeDefinition

Use of io.swagger.models.auth.SecuritySchemeDefinition in project carbon-apimgt by wso2.

Class APIDefinitionFromSwagger20, method updateScopesOnSwaggerDefinition.

@Override
public String updateScopesOnSwaggerDefinition(String resourceConfigJSON, Scope scope) {
    SwaggerParser swaggerParser = new SwaggerParser();
    Swagger swagger = swaggerParser.parse(resourceConfigJSON);
    Map<String, SecuritySchemeDefinition> securitySchemeDefinitionMap = swagger.getSecurityDefinitions();
    if (securitySchemeDefinitionMap != null && !securitySchemeDefinitionMap.isEmpty()) {
        OAuth2Definition oAuth2Definition = (OAuth2Definition) securitySchemeDefinitionMap.get(APIMgtConstants.OAUTH2SECURITY);
        if (oAuth2Definition != null) {
            // Update the description of an existing scope in the Swagger security definition
            Map<String, String> scopeMap = oAuth2Definition.getScopes();
            if (scopeMap != null && scopeMap.containsKey(scope.getName())) {
                scopeMap.replace(scope.getName(), scope.getDescription());
            }
        }
    }
    return Json.pretty(swagger);
}
Also used : SwaggerParser(io.swagger.parser.SwaggerParser) Swagger(io.swagger.models.Swagger) OAuth2Definition(io.swagger.models.auth.OAuth2Definition) SecuritySchemeDefinition(io.swagger.models.auth.SecuritySchemeDefinition)

Example 3 with SecuritySchemeDefinition

Use of io.swagger.models.auth.SecuritySchemeDefinition in project carbon-apimgt by wso2.

Class APIDefinitionFromSwagger20, method getScopesFromSecurityDefinition.

@Override
public Map<String, String> getScopesFromSecurityDefinition(String resourceConfigJSON) throws APIManagementException {
    SwaggerParser swaggerParser = new SwaggerParser();
    Swagger swagger = swaggerParser.parse(resourceConfigJSON);
    Map<String, String> scopes = new HashMap<>();
    Map<String, SecuritySchemeDefinition> securityDefinitions = swagger.getSecurityDefinitions();
    if (securityDefinitions != null) {
        for (Map.Entry<String, SecuritySchemeDefinition> securitySchemeDefinitionEntry : securityDefinitions.entrySet()) {
            if (securitySchemeDefinitionEntry.getValue() instanceof OAuth2Definition) {
                OAuth2Definition securityDefinition = (OAuth2Definition) securitySchemeDefinitionEntry.getValue();
                // instanceof already rules out null; the scopes map itself may be absent
                if (securityDefinition.getScopes() != null) {
                    scopes.putAll(securityDefinition.getScopes());
                }
            }
        }
    }
    return scopes;
}
Also used : SwaggerParser(io.swagger.parser.SwaggerParser) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) Swagger(io.swagger.models.Swagger) OAuth2Definition(io.swagger.models.auth.OAuth2Definition) SecuritySchemeDefinition(io.swagger.models.auth.SecuritySchemeDefinition) Map(java.util.Map)

Example 4 with SecuritySchemeDefinition

Use of io.swagger.models.auth.SecuritySchemeDefinition in project swagger-core by swagger-api.

Class SecurityDefinitionDeserializer, method deserialize.

@Override
public SecuritySchemeDefinition deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException, JsonProcessingException {
    // Stays null when "type" is missing or is not one of the three types handled below
    SecuritySchemeDefinition result = null;
    JsonNode node = jp.getCodec().readTree(jp);
    JsonNode inNode = node.get("type");
    if (inNode != null) {
        String type = inNode.asText();
        if ("basic".equals(type)) {
            result = Json.mapper().convertValue(node, BasicAuthDefinition.class);
        } else if ("apiKey".equals(type)) {
            result = Json.mapper().convertValue(node, ApiKeyAuthDefinition.class);
        } else if ("oauth2".equals(type)) {
            result = Json.mapper().convertValue(node, OAuth2Definition.class);
        }
    }
    return result;
}
Also used : OAuth2Definition(io.swagger.models.auth.OAuth2Definition) JsonNode(com.fasterxml.jackson.databind.JsonNode) SecuritySchemeDefinition(io.swagger.models.auth.SecuritySchemeDefinition) BasicAuthDefinition(io.swagger.models.auth.BasicAuthDefinition)

Example 5 with SecuritySchemeDefinition

Use of io.swagger.models.auth.SecuritySchemeDefinition in project swagger-core by swagger-api.

Class SwaggerTest, method testSecurityDefinition.

@Test
public void testSecurityDefinition() {
    // given
    SecuritySchemeDefinition securityDefinition = new BasicAuthDefinition();
    String name = "name";
    // when
    swagger.securityDefinition(name, securityDefinition);
    // then
    assertEquals(swagger.getSecurityDefinitions().get(name), securityDefinition, "Must be able to retrieve the added security definition");
}
Also used : SecuritySchemeDefinition(io.swagger.models.auth.SecuritySchemeDefinition) BasicAuthDefinition(io.swagger.models.auth.BasicAuthDefinition) Test(org.testng.annotations.Test)
