Example 6 with OAuthTokenInfo
use of org.wso2.carbon.apimgt.api.OAuthTokenInfo in project carbon-apimgt by wso2.
the class OAuthOpaqueAuthenticatorImpl method isAccessTokenExpired.
private boolean isAccessTokenExpired(OAuthTokenInfo accessTokenInfo) {
APIKeyValidationInfoDTO infoDTO = new APIKeyValidationInfoDTO();
infoDTO.setValidityPeriod(accessTokenInfo.getValidityPeriod());
infoDTO.setIssuedTime(accessTokenInfo.getIssuedTime());
return APIUtil.isAccessTokenExpired(infoDTO);
}
Also used :
APIKeyValidationInfoDTO(org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO)
Example 7 with OAuthTokenInfo
use of org.wso2.carbon.apimgt.api.OAuthTokenInfo in project carbon-apimgt by wso2.
the class JWTUtil method validateScopes.
/**
* @param message CXF message to be validate
* @param tokenInfo Token information associated with incoming request
* @return return true if we found matching scope in resource and token information
* else false(means scope validation failed).
*/
public static boolean validateScopes(HashMap<String, Object> message, OAuthTokenInfo tokenInfo) {
String basePath = (String) message.get(RestApiConstants.BASE_PATH);
// path is obtained from Message.REQUEST_URI instead of Message.PATH_INFO, as Message.PATH_INFO contains
// decoded values of request parameters
String path = (String) message.get(RestApiConstants.REQUEST_URL);
String verb = (String) message.get(RestApiConstants.REQUEST_METHOD);
String resource = path.substring(basePath.length() - 1);
String[] scopes = tokenInfo.getScopes();
String version = (String) message.get(RestApiConstants.API_VERSION);
// get all the URI templates of the REST API from the base path
Set<URITemplate> uriTemplates = (Set<URITemplate>) message.get(RestApiConstants.URI_TEMPLATES);
if (uriTemplates.isEmpty()) {
if (log.isDebugEnabled()) {
log.debug("No matching scopes found for request with path: " + basePath + ". Skipping scope validation.");
}
return true;
}
for (Object template : uriTemplates.toArray()) {
org.wso2.uri.template.URITemplate templateToValidate = null;
Map<String, String> var = new HashMap<String, String>();
// check scopes with what we have
String templateString = ((URITemplate) template).getUriTemplate();
try {
templateToValidate = new org.wso2.uri.template.URITemplate(templateString);
} catch (URITemplateException e) {
log.error("Error while creating URI Template object to validate request. Template pattern: " + templateString, e);
}
if (templateToValidate != null && templateToValidate.matches(resource, var) && scopes != null && verb != null && verb.equalsIgnoreCase(((URITemplate) template).getHTTPVerb())) {
for (String scope : scopes) {
Scope scp = ((URITemplate) template).getScope();
if (scp != null) {
if (scope.equalsIgnoreCase(scp.getKey())) {
// we found scopes matches
if (log.isDebugEnabled()) {
log.debug("Scope validation successful for access token: " + message.get(RestApiConstants.MASKED_TOKEN) + " with scope: " + scp.getKey() + " for resource path: " + path + " and verb " + verb);
}
return true;
}
} else if (!((URITemplate) template).retrieveAllScopes().isEmpty()) {
List<Scope> scopesList = ((URITemplate) template).retrieveAllScopes();
for (Scope scpObj : scopesList) {
if (scope.equalsIgnoreCase(scpObj.getKey())) {
// we found scopes matches
if (log.isDebugEnabled()) {
log.debug("Scope validation successful for access token: " + message.get(RestApiConstants.MASKED_TOKEN) + " with scope: " + scpObj.getKey() + " for resource path: " + path + " and verb " + verb);
}
return true;
}
}
} else {
if (log.isDebugEnabled()) {
log.debug("Scope not defined in swagger for matching resource " + resource + " and verb " + verb + " . So consider as anonymous permission and let request to continue.");
}
return true;
}
}
}
}
return false;
}
Also used :
Set(java.util.Set)
HashMap(java.util.HashMap)
URITemplate(org.wso2.carbon.apimgt.api.model.URITemplate)
URITemplateException(org.wso2.uri.template.URITemplateException)
Scope(org.wso2.carbon.apimgt.api.model.Scope)
List(java.util.List)
Aggregations
List (java.util.List)4
OAuthTokenInfo (org.wso2.carbon.apimgt.api.OAuthTokenInfo)4
MethodStats (org.wso2.carbon.apimgt.rest.api.util.MethodStats)4
HashMap (java.util.HashMap)3
Log (org.apache.commons.logging.Log)3
LogFactory (org.apache.commons.logging.LogFactory)3
APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)3
Scope (org.wso2.carbon.apimgt.api.model.Scope)3
URITemplate (org.wso2.carbon.apimgt.api.model.URITemplate)3
APIConstants (org.wso2.carbon.apimgt.impl.APIConstants)3
APIUtil (org.wso2.carbon.apimgt.impl.utils.APIUtil)3
RestApiConstants (org.wso2.carbon.apimgt.rest.api.common.RestApiConstants)3
PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)3
UserStoreException (org.wso2.carbon.user.api.UserStoreException)3
RealmService (org.wso2.carbon.user.core.service.RealmService)3
CarbonUtils (org.wso2.carbon.utils.CarbonUtils)3
MultitenantConstants (org.wso2.carbon.utils.multitenancy.MultitenantConstants)3
MultitenantUtils (org.wso2.carbon.utils.multitenancy.MultitenantUtils)3
URITemplateException (org.wso2.uri.template.URITemplateException)3
ParseException (java.text.ParseException)2
