use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.
the class APIUtil method getAndSetDefaultKeyManagerConfiguration.
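/**
 * Fills in the default settings of the built-in key manager on the supplied DTO.
 *
 * <p>Each property is only added when the DTO does not already carry it, so values supplied by the
 * caller win over the server-wide defaults. The defaults come from the OAuth server configuration,
 * the API Manager configuration and, for the issuer and JWKS endpoint, from the OpenID Connect
 * discovery document of the key manager. When no API Manager configuration service is registered
 * the DTO is returned untouched.
 *
 * <p>The issuer and JWKS endpoint set here are what JWT self-validation is configured against
 * ({@code SELF_VALIDATE_JWT} defaults to {@code true}), so the server URL they are derived from is
 * security sensitive.
 *
 * @param keyManagerConfigurationDTO configuration to complete; it is modified in place
 * @return the same DTO instance that was passed in
 * @throws APIManagementException if the issuer default is needed but no OpenID Connect
 *         configuration could be obtained, or if an endpoint default has to be derived and no key
 *         manager server URL is available
 */
public static KeyManagerConfigurationDTO getAndSetDefaultKeyManagerConfiguration(
        KeyManagerConfigurationDTO keyManagerConfigurationDTO) throws APIManagementException {
    boolean clientSecretHashEnabled =
            ServiceReferenceHolder.getInstance().getOauthServerConfiguration().isClientSecretHashEnabled();
    Set<String> availableGrantTypes =
            ServiceReferenceHolder.getInstance().getOauthServerConfiguration().getSupportedGrantTypes().keySet();
    long validityPeriod = ServiceReferenceHolder.getInstance().getOauthServerConfiguration()
            .getApplicationAccessTokenValidityPeriodInSeconds();
    APIManagerConfigurationService config =
            ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService();
    // NOTE(review): this value is never read below; the call is kept only so that the statement
    // sequence of the original is unchanged. Remove it once confirmed to be side-effect free.
    String issuerIdentifier = OAuthServerConfiguration.getInstance().getOpenIDConnectIDTokenIssuerIdentifier();
    if (config != null) {
        OpenIdConnectConfiguration openIdConnectConfigurations = null;
        APIManagerConfiguration apiManagerConfiguration = config.getAPIManagerConfiguration();
        String keyManagerUrl;
        String enableTokenEncryption =
                apiManagerConfiguration.getFirstProperty(APIConstants.ENCRYPT_TOKENS_ON_PERSISTENCE);
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.AUTHSERVER_URL)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.AUTHSERVER_URL,
                    apiManagerConfiguration.getFirstProperty(APIConstants.KEYMANAGER_SERVERURL));
        }
        keyManagerUrl =
                (String) keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.AUTHSERVER_URL);
        if (StringUtils.isNotEmpty(keyManagerUrl)) {
            // NOTE(review): the issuer and JWKS endpoint read from this discovery document end up
            // as the trust anchors for token validation; confirm the fetch is done over TLS with
            // certificate verification inside getOpenIdConnectConfigurations.
            openIdConnectConfigurations = APIUtil.getOpenIdConnectConfigurations(
                    deriveKeyManagerBaseUrl(keyManagerUrl)
                            .concat(getTenantAwareContext(keyManagerConfigurationDTO.getOrganization()))
                            .concat(APIConstants.KeyManager.DEFAULT_KEY_MANAGER_OPENID_CONNECT_DISCOVERY_ENDPOINT));
        }
        // NOTE(review): the presence check reads KeyManager.ENABLE_TOKEN_ENCRYPTION while the
        // default is stored under ENCRYPT_TOKENS_ON_PERSISTENCE. Confirm both constants resolve to
        // the same key; if they do not, a value already stored under the second key is replaced.
        if (keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ENABLE_TOKEN_ENCRYPTION) == null) {
            keyManagerConfigurationDTO.addProperty(APIConstants.ENCRYPT_TOKENS_ON_PERSISTENCE,
                    Boolean.parseBoolean(enableTokenEncryption));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.REVOKE_URL)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.REVOKE_URL,
                    deriveKeyManagerBaseUrl(keyManagerUrl).concat(APIConstants.IDENTITY_REVOKE_ENDPOINT));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.TOKEN_URL)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.TOKEN_URL,
                    deriveKeyManagerBaseUrl(keyManagerUrl).concat(APIConstants.IDENTITY_TOKEN_ENDPOINT_CONTEXT));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.AVAILABLE_GRANT_TYPE)) {
            // Copy the key set so the DTO does not hold a live view of the server's grant-type map.
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.AVAILABLE_GRANT_TYPE,
                    new ArrayList<>(availableGrantTypes));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.ENABLE_TOKEN_HASH)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_TOKEN_HASH,
                    clientSecretHashEnabled);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION, true);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.ENABLE_MAP_OAUTH_CONSUMER_APPS)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_MAP_OAUTH_CONSUMER_APPS,
                    isMapExistingAuthAppsEnabled());
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.ENABLE_TOKEN_GENERATION)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_TOKEN_GENERATION, true);
        }
        // The *_ENDPOINT defaults mirror whatever TOKEN_URL / REVOKE_URL hold at this point, which
        // may be a caller-supplied value or the default derived a few lines above.
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.TOKEN_ENDPOINT)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.TOKEN_ENDPOINT,
                    keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.TOKEN_URL));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.REVOKE_ENDPOINT)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.REVOKE_ENDPOINT,
                    keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.REVOKE_URL));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.IDENTITY_OAUTH2_FIELD_VALIDITY_PERIOD)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.IDENTITY_OAUTH2_FIELD_VALIDITY_PERIOD,
                    String.valueOf(validityPeriod));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.ENABLE_TOKEN_VALIDATION)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_TOKEN_VALIDATION, true);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.SELF_VALIDATE_JWT)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.SELF_VALIDATE_JWT, true);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.ISSUER)) {
            // There is no fallback for the issuer: without a discovery document the method fails
            // rather than guessing a value tokens would be validated against.
            if (openIdConnectConfigurations == null) {
                throw new APIMgtInternalException("Error in fetching Open ID configuration.");
            }
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ISSUER,
                    openIdConnectConfigurations.getIssuer());
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.CLAIM_MAPPING)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING,
                    getDefaultClaimMappings());
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.CERTIFICATE_TYPE)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE,
                    APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties()
                .containsKey(APIConstants.KeyManager.CERTIFICATE_VALUE)) {
            if (openIdConnectConfigurations != null) {
                keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE,
                        openIdConnectConfigurations.getJwksEndpoint());
            } else {
                // Unlike the issuer, the JWKS endpoint falls back to a URL built from the key
                // manager server URL when no discovery document is available.
                keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE,
                        deriveKeyManagerBaseUrl(keyManagerUrl)
                                .concat(getTenantAwareContext(keyManagerConfigurationDTO.getOrganization()))
                                .concat(APIConstants.KeyManager.DEFAULT_JWKS_ENDPOINT));
            }
        }
        String defaultKeyManagerType =
                apiManagerConfiguration.getFirstProperty(APIConstants.DEFAULT_KEY_MANAGER_TYPE);
        if (StringUtils.isNotEmpty(defaultKeyManagerType)) {
            keyManagerConfigurationDTO.setType(defaultKeyManagerType);
        }
    }
    return keyManagerConfigurationDTO;
}

/**
 * Returns the part of the key manager server URL that precedes the services path.
 *
 * <p>The original code dereferenced the URL directly, so a missing server URL surfaced as a
 * NullPointerException in the middle of the defaulting logic. A null URL is now reported as a
 * configuration error. An empty string is passed through unchanged, as before.
 */
private static String deriveKeyManagerBaseUrl(String keyManagerUrl) throws APIManagementException {
    if (keyManagerUrl == null) {
        throw new APIMgtInternalException(
                "Key manager server URL is not configured; cannot derive default key manager endpoints.");
    }
    return keyManagerUrl.split("/" + APIConstants.SERVICES_URL_RELATIVE_PATH)[0];
}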
use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.
the class APIUtil method getAdminPassword.
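/**
 * Returns the admin password held in the realm configuration of the current tenant
 * (user-mgt.xml).
 *
 * <p>The tenant is taken from the thread-local Carbon context. The realm configuration is read
 * inside a privileged tenant flow that is closed again before the method returns.
 *
 * <p>The returned value is a live credential: callers should not log it or keep it longer than
 * needed.
 *
 * @return the configured admin password
 * @throws APIMgtInternalException declared for failures reported through
 *         {@code handleInternalException} when the user store cannot be read
 */
public static String getAdminPassword() throws APIMgtInternalException {
    // NOTE(review): this hard-coded value is what the method returns if handleInternalException
    // ever returns normally instead of throwing. Confirm it always throws, so that a user-store
    // failure can never surface as a well-known default credential.
    String adminPassword = "admin";
    try {
        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager()
                .getTenantId(tenantDomain);
        // The flow is opened only after the tenant lookup succeeded and is closed by the inner
        // finally. Previously a failure in the lookup reached endTenantFlow() without a matching
        // startTenantFlow(), unwinding a tenant flow this method never started.
        PrivilegedCarbonContext.startTenantFlow();
        try {
            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId);
            adminPassword = ServiceReferenceHolder.getInstance().getRealmService()
                    .getTenantUserRealm(tenantId).getRealmConfiguration().getAdminPassword();
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    } catch (UserStoreException e) {
        handleInternalException("Error in getting admin password from user-mgt.xml", e);
    }
    return adminPassword;
}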
use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.
the class APIUtil method getAdminUsername.
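/**
 * Returns the admin user name held in the realm configuration of the current tenant
 * (user-mgt.xml).
 *
 * <p>The tenant is taken from the thread-local Carbon context. The realm configuration is read
 * inside a privileged tenant flow that is closed again before the method returns.
 *
 * @return the configured admin user name
 * @throws APIMgtInternalException declared for failures reported through
 *         {@code handleInternalException} when the user store cannot be read
 */
public static String getAdminUsername() throws APIMgtInternalException {
    // NOTE(review): this hard-coded value is what the method returns if handleInternalException
    // ever returns normally instead of throwing. Confirm it always throws.
    String adminName = "admin";
    try {
        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager()
                .getTenantId(tenantDomain);
        // The flow is opened only after the tenant lookup succeeded and is closed by the inner
        // finally. Previously a failure in the lookup reached endTenantFlow() without a matching
        // startTenantFlow(), unwinding a tenant flow this method never started.
        PrivilegedCarbonContext.startTenantFlow();
        try {
            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId);
            adminName = ServiceReferenceHolder.getInstance().getRealmService()
                    .getTenantUserRealm(tenantId).getRealmConfiguration().getAdminUserName();
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    } catch (UserStoreException e) {
        handleInternalException("Error in getting admin username from user-mgt.xml", e);
    }
    return adminName;
}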
use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.
the class APIManagerComponent method configureRecommendationEventPublisherProperties.
/**
 * Creates the output event adapter used to publish API recommendation events.
 *
 * <p>Nothing is created when no API Manager configuration service is registered or when the
 * configuration carries no recommendation environment. Failures while creating the adapter or
 * while reading the admin credentials are logged and not propagated.
 */
private void configureRecommendationEventPublisherProperties() {
    OutputEventAdapterConfiguration publisherConfig = new OutputEventAdapterConfiguration();
    publisherConfig.setName(APIConstants.RECOMMENDATIONS_WSO2_EVENT_PUBLISHER);
    publisherConfig.setType(APIConstants.BLOCKING_EVENT_TYPE);
    publisherConfig.setMessageFormat(APIConstants.BLOCKING_EVENT_FORMAT);
    Map<String, String> staticProperties = new HashMap<>();

    if (ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService() == null) {
        return;
    }
    APIManagerConfiguration apimConfig =
            ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
    if (apimConfig.getApiRecommendationEnvironment() == null) {
        return;
    }

    try {
        // Both ports are read from JVM system properties.
        // NOTE(review): a property that is not set yields the literal text "null" in the URL;
        // confirm both are always defined before this component activates.
        String eventReceiverPort = System.getProperty(apimConfig.RECEIVER_URL_PORT);
        String authenticatorPort = System.getProperty(apimConfig.AUTH_URL_PORT);
        staticProperties.put(APIConstants.RECEIVER_URL, "tcp://localhost:" + eventReceiverPort);
        staticProperties.put(APIConstants.AUTHENTICATOR_URL, "ssl://localhost:" + authenticatorPort);
        // The tenant admin credentials are handed to the adapter as plain static properties, so
        // anything that can read or dump this adapter configuration can read the admin password.
        staticProperties.put(APIConstants.USERNAME, APIUtil.getAdminUsername());
        staticProperties.put(APIConstants.PASSWORD, APIUtil.getAdminPassword());
        staticProperties.put(APIConstants.PROTOCOL, "Binary");
        staticProperties.put(APIConstants.PUBLISHING_MODE, APIConstants.NON_BLOCKING);
        staticProperties.put(APIConstants.PUBLISHING_TIME_OUT, "0");
        publisherConfig.setStaticProperties(staticProperties);
        ServiceReferenceHolder.getInstance().getOutputEventAdapterService().create(publisherConfig);
        log.info("API Recommendation system for dev portal is activated");
    } catch (OutputEventAdapterException e) {
        // NOTE(review): the text mentions request blocking although this adapter serves
        // recommendations; it is kept unchanged here because it is runtime output.
        log.error("Exception occurred while creating recommendationEventPublisher Adapter."
                + " Request Blocking may not work properly", e);
    } catch (APIMgtInternalException e) {
        log.error("Exception occurred while reading the admin username and password", e);
    }
}
use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.
the class OnPremResolver method resolve.
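/**
 * Resolves the tenant domain a request is addressed to.
 *
 * <p>The domain named in the tenant header is used when that header is present and non-empty;
 * otherwise the domain of the thread-local Carbon context is used, and the super tenant domain is
 * the last resort. Whenever the header is present the resulting domain is checked with
 * {@code APIUtil.isTenantAvailable}.
 *
 * <p>The header value is supplied by the client. This method only establishes that the named
 * tenant exists; nothing here checks that the caller is entitled to act within it.
 * NOTE(review): confirm that authorization for the resolved tenant is enforced by the callers.
 *
 * @param properties request properties; the entry under {@code PROPERTY_HEADERS_KEY} is expected
 *        to be a map from header name to a list of values
 * @return the resolved tenant domain, never empty
 * @throws APIManagementException an {@code APIMgtBadRequestException} if the requested tenant is
 *         not available, or an {@code APIMgtInternalException} if the availability check fails
 */
@Override
public String resolve(Map<String, Object> properties) throws APIManagementException {
    // A request without a headers entry is treated like one without the tenant header instead of
    // failing with a NullPointerException.
    Map<?, ?> headers = (Map<?, ?>) properties.get(APIConstants.PROPERTY_HEADERS_KEY);
    java.util.List<?> requestedTenantDomain =
            headers == null ? null : (java.util.List<?>) headers.get(HEADER_X_WSO2_TENANT);
    String tenantDomain = null;
    if (requestedTenantDomain != null) {
        // An empty value list or a null first value counts as an empty header, so the request
        // falls back to the context tenant rather than failing on get(0) or toString().
        Object firstValue = requestedTenantDomain.isEmpty() ? null : requestedTenantDomain.get(0);
        String header = firstValue == null ? null : firstValue.toString();
        if (StringUtils.isEmpty(header)) {
            tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        } else {
            tenantDomain = header;
        }
        try {
            if (!APIUtil.isTenantAvailable(tenantDomain)) {
                // NOTE(review): the message echoes the client-supplied header value; make sure it
                // is encoded wherever this message is logged or returned.
                String errorMessage = "Provided tenant domain '" + tenantDomain + "' is invalid";
                throw new APIMgtBadRequestException(errorMessage);
            }
        } catch (UserStoreException e) {
            String errorMessage = "Error while checking availability of tenant " + tenantDomain;
            // Keep the user-store failure as the cause so the root error is not lost.
            throw new APIMgtInternalException(errorMessage, e);
        }
    }
    if (StringUtils.isEmpty(tenantDomain)) {
        tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    }
    // Set "carbon.super" if tenantDomain is still not resolved.
    if (StringUtils.isEmpty(tenantDomain)) {
        tenantDomain = APIConstants.SUPER_TENANT_DOMAIN;
    }
    return tenantDomain;
}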