Examples with FilterParamDescriptor org.apache.knox.gateway.descriptor.FilterParamDescriptor used on opensource projects

Example 6 with FilterParamDescriptor

use of org.apache.knox.gateway.descriptor.FilterParamDescriptor in project knox by apache.

the class ServiceTestDeploymentContributor method contributeService.

@Override
public void contributeService(DeploymentContext context, Service service) throws Exception {
    String packages = StringUtils.join(getPackages(), ";");
    for (String pattern : getPatterns()) {
        ResourceDescriptor resource = context.getGatewayDescriptor().addResource();
        resource.role(service.getRole());
        resource.pattern(pattern);
        addXForwardedFilter(context, service, resource);
        // addAuthenticationFilter(context, service, resource);
        // addIdentityAssertionFilter(context, service, resource);
        // addAuthorizationFilter(context, service, resource);
        // addRewriteFilter( context, service, resource, null );
        List<FilterParamDescriptor> params = new ArrayList<FilterParamDescriptor>();
        FilterParamDescriptor param = resource.createFilterParam();
        param.name(PACKAGES_PARAM);
        param.value(packages);
        params.add(param);
        FilterParamDescriptor traceType = resource.createFilterParam();
        traceType.name("jersey.config.server.tracing");
        traceType.value("ALL");
        params.add(traceType);
        FilterParamDescriptor traceLevel = resource.createFilterParam();
        traceLevel.name("jersey.config.server.tracing.threshold");
        traceLevel.value("VERBOSE");
        params.add(traceLevel);
        context.contributeFilter(service, resource, "pivot", "jersey", params);
        context.contributeFilter(service, resource, "pivot", "jersey", params);
    }
}

Example 7 with FilterParamDescriptor

use of org.apache.knox.gateway.descriptor.FilterParamDescriptor in project knox by apache.

the class ApplicationDeploymentContributor method contributeResource.

private void contributeResource(DeploymentContext context, Service service, Route binding, Map<String, String> filterParams) throws URISyntaxException {
    List<FilterParamDescriptor> params = new ArrayList<FilterParamDescriptor>();
    ResourceDescriptor resource = context.getGatewayDescriptor().addResource();
    resource.role(service.getRole());
    resource.pattern(binding.getPath());
    // add x-forwarded filter if enabled in config
    if (context.getGatewayConfig().isXForwardedEnabled()) {
        resource.addFilter().name(XFORWARDED_FILTER_NAME).role(XFORWARDED_FILTER_ROLE).impl(XForwardedHeaderFilter.class);
    }
    if (context.getGatewayConfig().isCookieScopingToPathEnabled()) {
        FilterDescriptor filter = resource.addFilter().name(COOKIE_SCOPING_FILTER_NAME).role(COOKIE_SCOPING_FILTER_ROLE).impl(CookieScopeServletFilter.class);
        filter.param().name(GatewayConfigImpl.HTTP_PATH).value(context.getGatewayConfig().getGatewayPath());
    }
    List<Policy> policyBindings = binding.getPolicies();
    if (policyBindings == null) {
        policyBindings = serviceDefinition.getPolicies();
    }
    if (policyBindings == null) {
        // add default set
        addDefaultPolicies(context, service, filterParams, params, resource);
    } else {
        addPolicies(context, service, filterParams, params, resource, policyBindings);
    }
}

Example 8 with FilterParamDescriptor

use of org.apache.knox.gateway.descriptor.FilterParamDescriptor in project knox by apache.

the class GatewayFactory method createParams.

private static Map<String, String> createParams(FilterDescriptor filter) {
    Map<String, String> paramMap = new HashMap<>();
    ResourceDescriptor resource = filter.up();
    GatewayDescriptor gateway = resource.up();
    for (GatewayParamDescriptor param : gateway.params()) {
        paramMap.put(param.name(), param.value());
    }
    for (ResourceParamDescriptor param : resource.params()) {
        paramMap.put(param.name(), param.value());
    }
    // TODO: Should all elements of the resource and gateway descriptor somehow be added to the filter params?
    // TODO: Should we use some composite params object instead of copying all these name value pairs?
    paramMap.put("pattern", resource.pattern());
    List<FilterParamDescriptor> paramList = filter.params();
    for (FilterParamDescriptor param : paramList) {
        paramMap.put(param.name(), param.value());
    }
    return paramMap;
}

Example 9 with FilterParamDescriptor

use of org.apache.knox.gateway.descriptor.FilterParamDescriptor in project knox by apache.

the class FilterDescriptorImpl method param.

@Override
public FilterParamDescriptor param() {
    FilterParamDescriptor param = createParam();
    param(param);
    return param;
}

Example 10 with FilterParamDescriptor

use of org.apache.knox.gateway.descriptor.FilterParamDescriptor in project knox by apache.

the class WebAppSecContributor method contributeFilter.

@Override
public void contributeFilter(DeploymentContext context, Provider provider, Service service, ResourceDescriptor resource, List<FilterParamDescriptor> params) {
    Provider webappsec = context.getTopology().getProvider(ROLE, NAME);
    if (webappsec != null && webappsec.isEnabled()) {
        Map<String, String> map = provider.getParams();
        if (params == null) {
            params = new ArrayList<FilterParamDescriptor>();
        }
        Map<String, String> providerParams = provider.getParams();
        // CORS support
        String corsEnabled = map.get(CORS_ENABLED);
        if (corsEnabled != null && "true".equals(corsEnabled)) {
            provisionConfig(resource, providerParams, params, "cors.");
            resource.addFilter().name(getName() + CORS_SUFFIX).role(getRole()).impl(CORS_FILTER_CLASSNAME).params(params);
        }
        // CRSF
        params = new ArrayList<FilterParamDescriptor>();
        String csrfEnabled = map.get(CSRF_ENABLED);
        if (csrfEnabled != null && "true".equals(csrfEnabled)) {
            provisionConfig(resource, providerParams, params, "csrf.");
            resource.addFilter().name(getName() + CSRF_SUFFIX).role(getRole()).impl(CSRF_FILTER_CLASSNAME).params(params);
        }
        // X-Frame-Options - clickjacking protection
        params = new ArrayList<FilterParamDescriptor>();
        String xframeOptionsEnabled = map.get(XFRAME_OPTIONS_ENABLED);
        if (xframeOptionsEnabled != null && "true".equals(xframeOptionsEnabled)) {
            provisionConfig(resource, providerParams, params, "xframe.");
            resource.addFilter().name(getName() + XFRAME_OPTIONS_SUFFIX).role(getRole()).impl(XFRAME_OPTIONS_FILTER_CLASSNAME).params(params);
        }
        // X-XSS-Protection - browser xss protection
        params = new ArrayList<FilterParamDescriptor>();
        String xssProtectionEnabled = map.get(XSS_PROTECTION_ENABLED);
        if (xssProtectionEnabled != null && "true".equals(xssProtectionEnabled)) {
            provisionConfig(resource, providerParams, params, "xss.");
            resource.addFilter().name(getName() + XSS_PROTECTION_SUFFIX).role(getRole()).impl(XSS_PROTECTION_FILTER_CLASSNAME).params(params);
        }
        // HTTP Strict-Transport-Security
        params = new ArrayList<FilterParamDescriptor>();
        String strictTranportEnabled = map.get(STRICT_TRANSPORT_ENABLED);
        if (strictTranportEnabled != null && "true".equals(strictTranportEnabled)) {
            provisionConfig(resource, providerParams, params, "strict.");
            resource.addFilter().name(getName() + STRICT_TRANSPORT_SUFFIX).role(getRole()).impl(STRICT_TRANSPORT_FILTER_CLASSNAME).params(params);
        }
    }
}