
Example 1 with APIMgtInternalException

use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.

the class APIUtil method getAndSetDefaultKeyManagerConfiguration.

/**
 * Fills in default values on the given key manager configuration for every additional property
 * that the caller has not already supplied, and returns the same DTO instance.
 *
 * <p>Defaults are taken from the OAuth server configuration (grant types, client-secret hashing,
 * access-token validity) and from the API manager configuration (key manager server URL, token
 * encryption flag, default key manager type). Existing properties are never overwritten, with the
 * exception of the type, which is replaced whenever a default key manager type is configured.
 * When no API manager configuration service is registered the DTO is returned unchanged.
 *
 * @param keyManagerConfigurationDTO configuration to complete; mutated in place
 * @return the same {@code keyManagerConfigurationDTO} instance
 * @throws APIManagementException declared by the signature; the only throw visible in this body is
 *         the {@link APIMgtInternalException} below
 * @throws APIMgtInternalException if the issuer property is absent and no OpenID Connect
 *         configuration could be obtained for the key manager URL
 */
public static KeyManagerConfigurationDTO getAndSetDefaultKeyManagerConfiguration(KeyManagerConfigurationDTO keyManagerConfigurationDTO) throws APIManagementException {
    boolean clientSecretHashEnabled = ServiceReferenceHolder.getInstance().getOauthServerConfiguration().isClientSecretHashEnabled();
    Set<String> availableGrantTypes = ServiceReferenceHolder.getInstance().getOauthServerConfiguration().getSupportedGrantTypes().keySet();
    long validityPeriod = ServiceReferenceHolder.getInstance().getOauthServerConfiguration().getApplicationAccessTokenValidityPeriodInSeconds();
    APIManagerConfigurationService config = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService();
    // NOTE(review): issuerIdentifier is assigned here but never read in this method; the issuer
    // default below comes from the discovery document instead.
    String issuerIdentifier = OAuthServerConfiguration.getInstance().getOpenIDConnectIDTokenIssuerIdentifier();
    if (config != null) {
        OpenIdConnectConfiguration openIdConnectConfigurations = null;
        APIManagerConfiguration apiManagerConfiguration = config.getAPIManagerConfiguration();
        String keyManagerUrl;
        String enableTokenEncryption = apiManagerConfiguration.getFirstProperty(APIConstants.ENCRYPT_TOKENS_ON_PERSISTENCE);
        // A caller-supplied AUTHSERVER_URL wins; otherwise fall back to the configured server URL.
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.AUTHSERVER_URL)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.AUTHSERVER_URL, apiManagerConfiguration.getFirstProperty(APIConstants.KEYMANAGER_SERVERURL));
        }
        keyManagerUrl = (String) keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.AUTHSERVER_URL);
        if (StringUtils.isNotEmpty(keyManagerUrl)) {
            // The discovery URL is derived from keyManagerUrl, which may originate from the DTO
            // passed in. The issuer and JWKS endpoint read from the result are stored below as
            // defaults, so whoever controls this URL influences what tokens are later trusted.
            // NOTE(review): presumably getOpenIdConnectConfigurations performs a remote fetch;
            // confirm the URL is restricted to trusted hosts and fetched over TLS.
            openIdConnectConfigurations = APIUtil.getOpenIdConnectConfigurations(keyManagerUrl.split("/" + APIConstants.SERVICES_URL_RELATIVE_PATH)[0].concat(getTenantAwareContext(keyManagerConfigurationDTO.getOrganization())).concat(APIConstants.KeyManager.DEFAULT_KEY_MANAGER_OPENID_CONNECT_DISCOVERY_ENDPOINT));
        }
        // NOTE(review): the presence check reads KeyManager.ENABLE_TOKEN_ENCRYPTION while the
        // write uses ENCRYPT_TOKENS_ON_PERSISTENCE; if the two constants differ, a caller-supplied
        // value under one key does not stop the default being written under the other. Confirm.
        if (keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ENABLE_TOKEN_ENCRYPTION) == null) {
            keyManagerConfigurationDTO.addProperty(APIConstants.ENCRYPT_TOKENS_ON_PERSISTENCE, Boolean.parseBoolean(enableTokenEncryption));
        }
        // NOTE(review): keyManagerUrl is only checked for emptiness around the discovery call
        // above; the split() calls below dereference it unguarded and would throw
        // NullPointerException if neither the DTO nor the configuration supplied a URL.
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.REVOKE_URL)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.REVOKE_URL, keyManagerUrl.split("/" + APIConstants.SERVICES_URL_RELATIVE_PATH)[0].concat(APIConstants.IDENTITY_REVOKE_ENDPOINT));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.TOKEN_URL)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.TOKEN_URL, keyManagerUrl.split("/" + APIConstants.SERVICES_URL_RELATIVE_PATH)[0].concat(APIConstants.IDENTITY_TOKEN_ENDPOINT_CONTEXT));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.AVAILABLE_GRANT_TYPE)) {
            // Copy the key set so the DTO does not hold a live view of the server's grant-type map.
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.AVAILABLE_GRANT_TYPE, new ArrayList<>(availableGrantTypes));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.ENABLE_TOKEN_HASH)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_TOKEN_HASH, clientSecretHashEnabled);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION, true);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.ENABLE_MAP_OAUTH_CONSUMER_APPS)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_MAP_OAUTH_CONSUMER_APPS, isMapExistingAuthAppsEnabled());
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.ENABLE_TOKEN_GENERATION)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_TOKEN_GENERATION, true);
        }
        // TOKEN_ENDPOINT and REVOKE_ENDPOINT mirror TOKEN_URL / REVOKE_URL, so these two blocks
        // must stay after the blocks that default those URLs.
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.TOKEN_ENDPOINT)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.TOKEN_ENDPOINT, keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.TOKEN_URL));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.REVOKE_ENDPOINT)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.REVOKE_ENDPOINT, keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.REVOKE_URL));
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.IDENTITY_OAUTH2_FIELD_VALIDITY_PERIOD)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.IDENTITY_OAUTH2_FIELD_VALIDITY_PERIOD, String.valueOf(validityPeriod));
        }
        // Token validation and local JWT validation are both switched on by default.
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.ENABLE_TOKEN_VALIDATION)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ENABLE_TOKEN_VALIDATION, true);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.SELF_VALIDATE_JWT)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.SELF_VALIDATE_JWT, true);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.ISSUER)) {
            // Without a discovery document there is no issuer to default to, so fail rather than
            // store a configuration that has no issuer to validate tokens against.
            if (openIdConnectConfigurations == null) {
                throw new APIMgtInternalException("Error in fetching Open ID configuration.");
            }
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.ISSUER, openIdConnectConfigurations.getIssuer());
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CLAIM_MAPPING)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING, getDefaultClaimMappings());
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CERTIFICATE_TYPE)) {
            keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
        }
        if (!keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CERTIFICATE_VALUE)) {
            if (openIdConnectConfigurations != null) {
                keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, openIdConnectConfigurations.getJwksEndpoint());
            } else {
                // Reached only when the caller already supplied an issuer (otherwise the throw
                // above fires first): build the JWKS URL from the key manager base URL instead.
                keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, keyManagerUrl.split("/" + APIConstants.SERVICES_URL_RELATIVE_PATH)[0].concat(getTenantAwareContext(keyManagerConfigurationDTO.getOrganization())).concat(APIConstants.KeyManager.DEFAULT_JWKS_ENDPOINT));
            }
        }
        // Unlike the properties above, a configured default type overrides whatever the DTO carried.
        String defaultKeyManagerType = apiManagerConfiguration.getFirstProperty(APIConstants.DEFAULT_KEY_MANAGER_TYPE);
        if (StringUtils.isNotEmpty(defaultKeyManagerType)) {
            keyManagerConfigurationDTO.setType(defaultKeyManagerType);
        }
    }
    return keyManagerConfigurationDTO;
}
Also used : APIMgtInternalException(org.wso2.carbon.apimgt.api.APIMgtInternalException) OpenIdConnectConfiguration(org.wso2.carbon.apimgt.impl.kmclient.model.OpenIdConnectConfiguration) APIManagerConfiguration(org.wso2.carbon.apimgt.impl.APIManagerConfiguration) APIManagerConfigurationService(org.wso2.carbon.apimgt.impl.APIManagerConfigurationService)

Example 2 with APIMgtInternalException

use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.

the class APIUtil method getAdminPassword.

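/**
 * Returns the admin password from the realm configuration of the current thread's tenant
 * (user-mgt.xml, according to the error message used below).
 *
 * <p>The value returned is a live credential: callers should not log it or keep it longer than
 * needed.
 *
 * @return the configured admin password
 * @throws APIMgtInternalException declared for failures reported through
 *         {@code handleInternalException} when the user store cannot be read
 */
public static String getAdminPassword() throws APIMgtInternalException {
    // NOTE(review): literal fallback credential. It is only returned if handleInternalException
    // returns normally instead of throwing; presumably it always throws - confirm, because a
    // failed lookup must not silently yield a well-known password.
    String adminPassword = "admin";
    // Tracks whether this call opened a tenant flow, so the finally block never closes a flow
    // that belongs to the caller (the tenant lookups below can fail before startTenantFlow()).
    boolean tenantFlowStarted = false;
    try {
        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(tenantDomain);
        PrivilegedCarbonContext.startTenantFlow();
        tenantFlowStarted = true;
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId);
        adminPassword = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getRealmConfiguration().getAdminPassword();
    } catch (UserStoreException e) {
        handleInternalException("Error in getting admin password from user-mgt.xml", e);
    } finally {
        if (tenantFlowStarted) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return adminPassword;
}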
Also used : UserStoreException(org.wso2.carbon.user.api.UserStoreException) Endpoint(org.wso2.carbon.governance.api.endpoints.dataobjects.Endpoint)

Example 3 with APIMgtInternalException

use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.

the class APIUtil method getAdminUsername.

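/**
 * Returns the admin username from the realm configuration of the current thread's tenant
 * (user-mgt.xml, according to the error message used below).
 *
 * @return the configured admin username
 * @throws APIMgtInternalException declared for failures reported through
 *         {@code handleInternalException} when the user store cannot be read
 */
public static String getAdminUsername() throws APIMgtInternalException {
    // NOTE(review): literal fallback. It is only returned if handleInternalException returns
    // normally instead of throwing; presumably it always throws - confirm.
    String adminName = "admin";
    // Tracks whether this call opened a tenant flow, so the finally block never closes a flow
    // that belongs to the caller (the tenant lookups below can fail before startTenantFlow()).
    boolean tenantFlowStarted = false;
    try {
        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(tenantDomain);
        PrivilegedCarbonContext.startTenantFlow();
        tenantFlowStarted = true;
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId);
        adminName = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getRealmConfiguration().getAdminUserName();
    } catch (UserStoreException e) {
        handleInternalException("Error in getting admin username from user-mgt.xml", e);
    } finally {
        if (tenantFlowStarted) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return adminName;
}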
Also used : UserStoreException(org.wso2.carbon.user.api.UserStoreException) Endpoint(org.wso2.carbon.governance.api.endpoints.dataobjects.Endpoint)

Example 4 with APIMgtInternalException

use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.

the class APIManagerComponent method configureRecommendationEventPublisherProperties.

/**
 * Registers the output event adapter used to publish recommendation events, provided that an
 * API manager configuration service is available and a recommendation environment is configured.
 *
 * <p>Failures while creating the adapter or while reading the admin credentials are logged and
 * not propagated.
 */
private void configureRecommendationEventPublisherProperties() {
    OutputEventAdapterConfiguration publisherConfig = new OutputEventAdapterConfiguration();
    publisherConfig.setName(APIConstants.RECOMMENDATIONS_WSO2_EVENT_PUBLISHER);
    publisherConfig.setType(APIConstants.BLOCKING_EVENT_TYPE);
    publisherConfig.setMessageFormat(APIConstants.BLOCKING_EVENT_FORMAT);
    Map<String, String> staticProperties = new HashMap<>();

    // Nothing to configure without the configuration service.
    if (ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService() == null) {
        return;
    }
    APIManagerConfiguration apimConfig = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
    // The adapter is only needed when a recommendation environment has been configured.
    if (apimConfig.getApiRecommendationEnvironment() == null) {
        return;
    }

    try {
        // Ports come from system properties; an unset property ends up as the text "null" in the URL.
        String receiverUrl = "tcp://localhost:" + System.getProperty(apimConfig.RECEIVER_URL_PORT);
        String authenticatorUrl = "ssl://localhost:" + System.getProperty(apimConfig.AUTH_URL_PORT);
        staticProperties.put(APIConstants.RECEIVER_URL, receiverUrl);
        staticProperties.put(APIConstants.AUTHENTICATOR_URL, authenticatorUrl);
        // The adapter authenticates with the tenant admin account; the password is held in the
        // adapter's static properties for as long as the configuration object lives.
        // NOTE(review): confirm these properties are never logged or exposed through management APIs.
        staticProperties.put(APIConstants.USERNAME, APIUtil.getAdminUsername());
        staticProperties.put(APIConstants.PASSWORD, APIUtil.getAdminPassword());
        staticProperties.put(APIConstants.PROTOCOL, "Binary");
        staticProperties.put(APIConstants.PUBLISHING_MODE, APIConstants.NON_BLOCKING);
        staticProperties.put(APIConstants.PUBLISHING_TIME_OUT, "0");
        publisherConfig.setStaticProperties(staticProperties);
        ServiceReferenceHolder.getInstance().getOutputEventAdapterService().create(publisherConfig);
        log.info("API Recommendation system for dev portal is activated");
    } catch (OutputEventAdapterException e) {
        log.error("Exception occurred while creating recommendationEventPublisher Adapter." + " Request Blocking may not work properly", e);
    } catch (APIMgtInternalException e) {
        log.error("Exception occurred while reading the admin username and password", e);
    }
}
Also used : APIMgtInternalException(org.wso2.carbon.apimgt.api.APIMgtInternalException) APIManagerConfiguration(org.wso2.carbon.apimgt.impl.APIManagerConfiguration) OutputEventAdapterException(org.wso2.carbon.event.output.adapter.core.exception.OutputEventAdapterException) HashMap(java.util.HashMap) OutputEventAdapterConfiguration(org.wso2.carbon.event.output.adapter.core.OutputEventAdapterConfiguration)

Example 5 with APIMgtInternalException

use of org.wso2.carbon.apimgt.api.APIMgtInternalException in project carbon-apimgt by wso2.

the class OnPremResolver method resolve.

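/**
 * Resolves the tenant domain for a request from the tenant header, falling back to the tenant of
 * the current thread's Carbon context and finally to the super tenant.
 *
 * <p>The header value is supplied by the client and is only accepted after
 * {@code APIUtil.isTenantAvailable} confirms that the tenant exists. A header entry that is
 * present but empty is treated like an empty header value.
 *
 * @param properties request properties; the headers are read from
 *        {@code APIConstants.PROPERTY_HEADERS_KEY}
 * @return the resolved tenant domain, never empty
 * @throws APIMgtBadRequestException if the requested tenant domain is not available
 * @throws APIMgtInternalException if tenant availability could not be checked
 * @throws APIManagementException declared by the overridden signature
 */
@Override
public String resolve(Map<String, Object> properties) throws APIManagementException {
    // A request without a headers entry is handled like a request without the tenant header.
    Map<?, ?> headers = (Map<?, ?>) properties.get(APIConstants.PROPERTY_HEADERS_KEY);
    Object requestedTenantDomain = headers == null ? null : headers.get(HEADER_X_WSO2_TENANT);
    String tenantDomain = null;
    if (requestedTenantDomain != null) {
        java.util.List<?> headerValues = (java.util.List<?>) requestedTenantDomain;
        // Only the first header value is considered; an empty list or null element counts as empty.
        Object firstValue = headerValues.isEmpty() ? null : headerValues.get(0);
        String header = firstValue == null ? null : firstValue.toString();
        if (StringUtils.isEmpty(header)) {
            tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        } else {
            tenantDomain = header;
        }
        try {
            if (!APIUtil.isTenantAvailable(tenantDomain)) {
                // The message embeds the client-supplied header value; whatever logs it or
                // returns it to the client needs to encode it for that context.
                String errorMessage = "Provided tenant domain '" + tenantDomain + "' is invalid";
                throw new APIMgtBadRequestException(errorMessage);
            }
        } catch (UserStoreException e) {
            String errorMessage = "Error while checking availability of tenant " + tenantDomain;
            // Keep the user-store failure as the cause so the root error is not lost.
            throw new APIMgtInternalException(errorMessage, e);
        }
    }
    if (StringUtils.isEmpty(tenantDomain)) {
        tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    }
    // Set "carbon.super" if tenantDomain is still not resolved.
    if (StringUtils.isEmpty(tenantDomain)) {
        tenantDomain = APIConstants.SUPER_TENANT_DOMAIN;
    }
    return tenantDomain;
}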
Also used : APIMgtInternalException(org.wso2.carbon.apimgt.api.APIMgtInternalException) ArrayList(java.util.ArrayList) UserStoreException(org.wso2.carbon.user.api.UserStoreException) APIMgtBadRequestException(org.wso2.carbon.apimgt.api.APIMgtBadRequestException)
