use of org.wso2.carbon.apimgt.api.model.EndpointSecurity in project carbon-apimgt by wso2.
the class SecurityConfigContextTest method testSecurityConfigContextForAPIProductWithOAuth.
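/**
 * Verifies that, for an API product whose resource carries OAuth endpoint security on the
 * "production" endpoint, {@code SecurityConfigContext} publishes an {@code endpoint_security}
 * entry whose client secret alias follows the product/API naming scheme, and that the
 * {@code isSecureVaultEnabled} flag is propagated when secure vault is switched on.
 */
@Test
public void testSecurityConfigContextForAPIProductWithOAuth() throws Exception {
    APIProduct apiProduct = new APIProduct(new APIProductIdentifier("admin", "TestProduct", "1.0.0"));
    apiProduct.setUuid(UUID.randomUUID().toString());
    String apiid = UUID.randomUUID().toString();

    // Dummy OAuth credentials constructed for this test only.
    EndpointSecurity endpointSecurity = new EndpointSecurity();
    endpointSecurity.setType("oauth");
    endpointSecurity.setClientId("123-456");
    endpointSecurity.setClientSecret("admin123");
    endpointSecurity.setGrantType("client_credentials");
    endpointSecurity.setEnabled(true);
    Map<String, EndpointSecurity> endpointSecurityMap = new HashMap<>();
    endpointSecurityMap.put("production", endpointSecurity);

    // The API id is set once; the original listing repeated the same setApiId call.
    APIProductResource apiProductResource = new APIProductResource();
    apiProductResource.setApiIdentifier(new APIIdentifier("admin_api1_v1"));
    apiProductResource.setApiId(apiid);
    apiProductResource.setEndpointSecurityMap(endpointSecurityMap);
    List<APIProductResource> apiProductResourceList = new ArrayList<>();
    apiProductResourceList.add(apiProductResource);
    apiProduct.setProductResources(apiProductResourceList);

    ConfigContext configcontext = new APIConfigContext(apiProduct);
    Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
    Map<String, APIDTO> apidtoMap = new HashMap<>();
    apidtoMap.put(apiid, new APIDTO().name("api1").version("v1").provider("admin").id(UUID.randomUUID().toString()));

    SecurityConfigContext securityConfigContext =
            new SecurityConfigContextWrapper(configcontext, apiProduct, apiManagerConfiguration, apidtoMap);
    securityConfigContext.validate();
    VelocityContext velocityContext = securityConfigContext.getContext();

    Assert.assertNotNull(velocityContext.get("endpoint_security"));
    // The context stores the value as Object; the shape is the one getContext() builds for API products.
    @SuppressWarnings("unchecked")
    Map<String, Map<String, EndpointSecurityModel>> endpointSecurityModelMap =
            (Map<String, Map<String, EndpointSecurityModel>>) velocityContext.get("endpoint_security");
    Map<String, EndpointSecurityModel> endpointSecurityModelMap1 =
            endpointSecurityModelMap.get(apiProductResource.getApiId());
    Assert.assertNotNull("No endpoint security entry for the product resource API.", endpointSecurityModelMap1);
    EndpointSecurityModel production = endpointSecurityModelMap1.get("production");
    Assert.assertNotNull("No production endpoint security model.", production);

    Assert.assertTrue("Property enabled cannot be false.", production.isEnabled());
    Assert.assertTrue("Property type cannot be other.", production.getType().equalsIgnoreCase("oauth"));
    // Expected value first, so a failure report labels the two values correctly.
    Assert.assertEquals("Property clientId does not match.", "123-456", production.getClientId());
    Assert.assertEquals("TestProduct--v1.0.0--api1--vv1--oauth--clientSecret" + "--production",
            production.getClientSecretAlias());
    // NOTE(review): only the alias is asserted. Whether the plaintext client secret is still carried on
    // the model when secure vault is enabled is not checked here - confirm the intended behaviour and
    // pin it with an assertion.
    Assert.assertEquals("Property isSecureVaultEnabled cannot be false. ", Boolean.TRUE,
            velocityContext.get("isSecureVaultEnabled"));
}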
use of org.wso2.carbon.apimgt.api.model.EndpointSecurity in project carbon-apimgt by wso2.
the class SecurityConfigContext method getContext.
/**
 * Extends the parent Velocity context with endpoint security data.
 *
 * <p>For an API, {@code endpoint_security} is a map keyed by
 * {@code APIConstants.ENDPOINT_SECURITY_PRODUCTION} / {@code APIConstants.ENDPOINT_SECURITY_SANDBOX};
 * both keys always exist and start out as empty models. For an API product, it is a map keyed by
 * the resource's API id whose values are maps keyed by the endpoint security entry key.
 * {@code isSecureVaultEnabled} is always added.
 *
 * <p>NOTE(review): the models placed in the context are built from endpoint security settings and
 * may carry credentials. How {@code retrieveEndpointSecurityModel} treats secrets is not visible
 * here; confirm templates reference the alias rather than the secret when secure vault is enabled.
 *
 * @return the context obtained from {@code super.getContext()} with the entries above added
 */
public VelocityContext getContext() {
    VelocityContext velocityContext = super.getContext();
    String secureVaultSetting =
            getApiManagerConfiguration().getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE);
    boolean secureVaultOn = Boolean.parseBoolean(secureVaultSetting);

    if (api != null) {
        // Start with empty models so both environments are always present in the context.
        Map<String, EndpointSecurityModel> modelsByEnvironment = new HashMap<>();
        modelsByEnvironment.put(APIConstants.ENDPOINT_SECURITY_PRODUCTION, new EndpointSecurityModel());
        modelsByEnvironment.put(APIConstants.ENDPOINT_SECURITY_SANDBOX, new EndpointSecurityModel());

        boolean hasEndpointConfig = StringUtils.isNotEmpty(api.getEndpointConfig());
        if (hasEndpointConfig && productionEndpointSecurity != null) {
            EndpointSecurityModel converted =
                    new ObjectMapper().convertValue(productionEndpointSecurity, EndpointSecurityModel.class);
            EndpointSecurityModel resolved = retrieveEndpointSecurityModel(converted, api.getId().getApiName(),
                    api.getId().getVersion(), api.getUuid(), APIConstants.ENDPOINT_SECURITY_PRODUCTION, null);
            // A null result keeps the empty default in place.
            if (resolved != null) {
                modelsByEnvironment.put(APIConstants.ENDPOINT_SECURITY_PRODUCTION, resolved);
            }
        }
        if (hasEndpointConfig && sandboxEndpointSecurity != null) {
            EndpointSecurityModel converted =
                    new ObjectMapper().convertValue(sandboxEndpointSecurity, EndpointSecurityModel.class);
            EndpointSecurityModel resolved = retrieveEndpointSecurityModel(converted, api.getId().getApiName(),
                    api.getId().getVersion(), api.getUuid(), APIConstants.ENDPOINT_SECURITY_SANDBOX, null);
            if (resolved != null) {
                modelsByEnvironment.put(APIConstants.ENDPOINT_SECURITY_SANDBOX, resolved);
            }
        }
        velocityContext.put("endpoint_security", modelsByEnvironment);
    } else if (apiProduct != null) {
        Map<String, Map<String, EndpointSecurityModel>> modelsByApiId = new HashMap<>();
        for (APIProductResource resource : apiProduct.getProductResources()) {
            // NOTE(review): a resource whose API id is missing from associatedAPIMap yields null here
            // and fails with a NullPointerException as soon as an endpoint security entry is processed.
            APIDTO associatedApi = associatedAPIMap.get(resource.getApiId());
            String productAlias = apiProduct.getId().getName() + "--v" + apiProduct.getId().getVersion();
            Map<String, EndpointSecurityModel> modelsForResource = new HashMap<>();
            Map<String, EndpointSecurity> configured = resource.getEndpointSecurityMap();
            for (Map.Entry<String, EndpointSecurity> entry : configured.entrySet()) {
                String environment = entry.getKey();
                EndpointSecurityModel seeded = new EndpointSecurityModel(entry.getValue());
                EndpointSecurityModel resolved = retrieveEndpointSecurityModel(seeded, associatedApi.getName(),
                        associatedApi.getVersion(), associatedApi.getId(), environment, productAlias);
                // Unlike the API branch, the result is stored even when it is null.
                modelsForResource.put(environment, resolved);
            }
            modelsByApiId.put(resource.getApiId(), modelsForResource);
        }
        velocityContext.put("endpoint_security", modelsByApiId);
    }

    velocityContext.put("isSecureVaultEnabled", secureVaultOn);
    return velocityContext;
}
use of org.wso2.carbon.apimgt.api.model.EndpointSecurity in project carbon-apimgt by wso2.
the class APIMappingUtil method fromAPItoDTO.
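/**
 * Maps an {@link API} model onto the REST {@link APIDTO}.
 *
 * <p>Changes relative to the previous listing:
 * <ul>
 *   <li>Transports: the HTTPS default is no longer overwritten (and a null transport string no
 *       longer causes a NullPointerException) because the split of the model value now sits in
 *       an {@code else} branch.</li>
 *   <li>Visible tenants are written to {@code visibleTenants} instead of replacing
 *       {@code visibleRoles}.</li>
 * </ul>
 *
 * <p>Credential handling: OAuth client secrets inside the endpoint configuration are decrypted
 * here and the endpoint security subtree is then handed to {@code handleEndpointSecurity}
 * together with {@code preserveCredentials}. That helper, {@code handleAWSCredentials} and
 * {@code setEndpointSecurityFromModelToApiDTO} are not visible here.
 *
 * @param model               API model to convert
 * @param preserveCredentials forwarded to the credential-handling helpers
 * @param apiProviderParam    provider to use; when null the logged-in user's provider is looked up
 * @return the populated DTO
 * @throws APIManagementException declared by the provider and helper calls used during mapping
 */
public static APIDTO fromAPItoDTO(API model, boolean preserveCredentials, APIProvider apiProviderParam)
        throws APIManagementException {
    APIProvider apiProvider = (apiProviderParam != null)
            ? apiProviderParam
            : RestApiCommonUtil.getLoggedInUserProvider();

    APIDTO dto = new APIDTO();
    dto.setName(model.getId().getApiName());
    dto.setVersion(model.getId().getVersion());
    String providerName = model.getId().getProviderName();
    dto.setProvider(APIUtil.replaceEmailDomainBack(providerName));
    dto.setId(model.getUUID());

    // Strip a trailing version placeholder from the context template.
    String context = model.getContextTemplate();
    if (context.endsWith("/" + RestApiConstants.API_VERSION_PARAM)) {
        context = context.replace("/" + RestApiConstants.API_VERSION_PARAM, "");
    }
    dto.setContext(context);
    dto.setCreatedTime(model.getCreatedTime());
    if (model.getLastUpdated() != null) {
        dto.setLastUpdatedTime(Long.toString(model.getLastUpdated().getTime()));
    }
    dto.setDescription(model.getDescription());
    dto.setIsDefaultVersion(model.isDefaultVersion());
    dto.setIsRevision(model.isRevision());
    dto.setRevisionedApiId(model.getRevisionedApiId());
    dto.setRevisionId(model.getRevisionId());
    dto.setEnableSchemaValidation(model.isEnabledSchemaValidation());

    AdvertiseInfoDTO advertiseInfoDTO = new AdvertiseInfoDTO();
    advertiseInfoDTO.setAdvertised(model.isAdvertiseOnly());
    advertiseInfoDTO.setApiExternalProductionEndpoint(model.getApiExternalProductionEndpoint());
    advertiseInfoDTO.setApiExternalSandboxEndpoint(model.getApiExternalSandboxEndpoint());
    advertiseInfoDTO.setOriginalDevPortalUrl(model.getRedirectURL());
    advertiseInfoDTO.setApiOwner(model.getApiOwner());
    if (model.getAdvertiseOnlyAPIVendor() != null) {
        advertiseInfoDTO.setVendor(AdvertiseInfoDTO.VendorEnum.valueOf(model.getAdvertiseOnlyAPIVendor()));
    }
    dto.setAdvertiseInfo(advertiseInfoDTO);

    if (APIConstants.ENABLED.equals(model.getResponseCache())) {
        dto.setResponseCachingEnabled(Boolean.TRUE);
    } else {
        dto.setResponseCachingEnabled(Boolean.FALSE);
    }

    String serviceKey = model.getServiceInfo("key");
    if (StringUtils.isNotEmpty(serviceKey)) {
        APIServiceInfoDTO apiServiceInfoDTO = new APIServiceInfoDTO();
        apiServiceInfoDTO.setKey(serviceKey);
        apiServiceInfoDTO.setOutdated(Boolean.parseBoolean(model.getServiceInfo("outdated")));
        apiServiceInfoDTO.setName(model.getServiceInfo("name"));
        apiServiceInfoDTO.setVersion(model.getServiceInfo("version"));
        dto.setServiceInfo(apiServiceInfoDTO);
    }
    dto.setCacheTimeout(model.getCacheTimeout());

    String endpointConfig = model.getEndpointConfig();
    if (!StringUtils.isBlank(endpointConfig)) {
        try {
            JSONParser parser = new JSONParser();
            JSONObject endpointConfigJson = (JSONObject) parser.parse(endpointConfig);
            // AWS Lambda: set secret key based on preserveCredentials
            if (APIConstants.ENDPOINT_TYPE_AWSLAMBDA.equals(
                    endpointConfigJson.get(APIConstants.API_ENDPOINT_CONFIG_PROTOCOL_TYPE))) {
                handleAWSCredentials(endpointConfigJson, preserveCredentials);
            }
            CryptoUtil cryptoUtil = CryptoUtil.getDefaultCryptoUtil();
            if (endpointConfigJson.get(APIConstants.ENDPOINT_SECURITY) != null) {
                JSONObject endpointSecurity = (JSONObject) endpointConfigJson.get(APIConstants.ENDPOINT_SECURITY);

                if (endpointSecurity.get(APIConstants.OAuthConstants.ENDPOINT_SECURITY_PRODUCTION) != null) {
                    JSONObject productionEndpointSecurity = (JSONObject) endpointSecurity
                            .get(APIConstants.OAuthConstants.ENDPOINT_SECURITY_PRODUCTION);
                    String productionEndpointType = (String) productionEndpointSecurity
                            .get(APIConstants.OAuthConstants.ENDPOINT_SECURITY_TYPE);
                    // Custom parameters are stored as a JSON string; expose them as a JSON object.
                    if (productionEndpointSecurity.get(APIConstants.OAuthConstants.OAUTH_CUSTOM_PARAMETERS) != null) {
                        String customParametersString = (String) productionEndpointSecurity
                                .get(APIConstants.OAuthConstants.OAUTH_CUSTOM_PARAMETERS);
                        JSONObject customParameters = (JSONObject) parser.parse(customParametersString);
                        productionEndpointSecurity.put(APIConstants.OAuthConstants.OAUTH_CUSTOM_PARAMETERS,
                                customParameters);
                    }
                    if (APIConstants.OAuthConstants.OAUTH.equals(productionEndpointType)) {
                        String clientSecret = (String) productionEndpointSecurity
                                .get(APIConstants.OAuthConstants.OAUTH_CLIENT_SECRET);
                        if (StringUtils.isNotEmpty(clientSecret)) {
                            // NOTE(review): decryption runs regardless of preserveCredentials; the plaintext
                            // lives in this JSON until handleEndpointSecurity (not shown) processes it.
                            // new String(byte[]) uses the platform charset - confirm it matches the
                            // encoding used when the secret was encrypted.
                            productionEndpointSecurity.put(APIConstants.OAuthConstants.OAUTH_CLIENT_SECRET,
                                    new String(cryptoUtil.base64DecodeAndDecrypt(clientSecret)));
                        }
                    }
                    endpointSecurity.put(APIConstants.OAuthConstants.ENDPOINT_SECURITY_PRODUCTION,
                            productionEndpointSecurity);
                    endpointConfigJson.put(APIConstants.ENDPOINT_SECURITY, endpointSecurity);
                }

                if (endpointSecurity.get(APIConstants.OAuthConstants.ENDPOINT_SECURITY_SANDBOX) != null) {
                    JSONObject sandboxEndpointSecurity = (JSONObject) endpointSecurity
                            .get(APIConstants.OAuthConstants.ENDPOINT_SECURITY_SANDBOX);
                    String sandboxEndpointType = (String) sandboxEndpointSecurity
                            .get(APIConstants.OAuthConstants.ENDPOINT_SECURITY_TYPE);
                    if (sandboxEndpointSecurity.get(APIConstants.OAuthConstants.OAUTH_CUSTOM_PARAMETERS) != null) {
                        String customParametersString = (String) sandboxEndpointSecurity
                                .get(APIConstants.OAuthConstants.OAUTH_CUSTOM_PARAMETERS);
                        JSONObject customParameters = (JSONObject) parser.parse(customParametersString);
                        sandboxEndpointSecurity.put(APIConstants.OAuthConstants.OAUTH_CUSTOM_PARAMETERS,
                                customParameters);
                    }
                    if (APIConstants.OAuthConstants.OAUTH.equals(sandboxEndpointType)) {
                        String clientSecret = (String) sandboxEndpointSecurity
                                .get(APIConstants.OAuthConstants.OAUTH_CLIENT_SECRET);
                        if (StringUtils.isNotEmpty(clientSecret)) {
                            // Same handling as the production secret above.
                            sandboxEndpointSecurity.put(APIConstants.OAuthConstants.OAUTH_CLIENT_SECRET,
                                    new String(cryptoUtil.base64DecodeAndDecrypt(clientSecret)));
                        }
                    }
                    endpointSecurity.put(APIConstants.OAuthConstants.ENDPOINT_SECURITY_SANDBOX,
                            sandboxEndpointSecurity);
                    endpointConfigJson.put(APIConstants.ENDPOINT_SECURITY, endpointSecurity);
                }

                // NOTE(review): presumably this is where secrets are masked when preserveCredentials is
                // false - confirm no decrypted client secret survives in the returned subtree.
                JSONObject jsonObject = handleEndpointSecurity(model,
                        (JSONObject) endpointConfigJson.get(APIConstants.ENDPOINT_SECURITY), preserveCredentials);
                endpointConfigJson.put(APIConstants.ENDPOINT_SECURITY, jsonObject);
            }
            dto.setEndpointConfig(endpointConfigJson);
        } catch (ParseException e) {
            // logs the error and continues as this is not a blocker
            log.error("Cannot convert endpoint configurations when setting endpoint for API. " + "API ID = "
                    + model.getId(), e);
        } catch (CryptoException e) {
            // The DTO is returned without an endpoint configuration in this case.
            log.error("Error while decrypting client credentials for API: " + model.getId(), e);
        }
    }
    dto.setHasThumbnail(!StringUtils.isBlank(model.getThumbnailUrl()));

    List<MediationPolicyDTO> mediationPolicies = new ArrayList<>();
    String inMedPolicyName = model.getInSequence();
    if (inMedPolicyName != null && !inMedPolicyName.isEmpty()) {
        String type = APIConstants.API_CUSTOM_SEQUENCE_TYPE_IN;
        Mediation mediation = model.getInSequenceMediation();
        String mediationPolicyUUID = (mediation != null) ? mediation.getUuid() : null;
        boolean sharedStatus = mediation != null && mediation.isGlobal();
        MediationPolicyDTO inMedPolicy = new MediationPolicyDTO();
        inMedPolicy.setName(inMedPolicyName);
        inMedPolicy.setType(type.toUpperCase());
        inMedPolicy.setShared(sharedStatus);
        inMedPolicy.setId(mediationPolicyUUID);
        mediationPolicies.add(inMedPolicy);
    }
    String outMedPolicyName = model.getOutSequence();
    if (outMedPolicyName != null && !outMedPolicyName.isEmpty()) {
        String type = APIConstants.API_CUSTOM_SEQUENCE_TYPE_OUT;
        Mediation mediation = model.getOutSequenceMediation();
        String mediationPolicyUUID = (mediation != null) ? mediation.getUuid() : null;
        boolean sharedStatus = mediation != null && mediation.isGlobal();
        MediationPolicyDTO outMedPolicy = new MediationPolicyDTO();
        outMedPolicy.setName(outMedPolicyName);
        outMedPolicy.setType(type.toUpperCase());
        outMedPolicy.setShared(sharedStatus);
        outMedPolicy.setId(mediationPolicyUUID);
        mediationPolicies.add(outMedPolicy);
    }
    String faultSequenceName = model.getFaultSequence();
    if (faultSequenceName != null && !faultSequenceName.isEmpty()) {
        String type = APIConstants.API_CUSTOM_SEQUENCE_TYPE_FAULT;
        Mediation mediation = model.getFaultSequenceMediation();
        String mediationPolicyUUID = (mediation != null) ? mediation.getUuid() : null;
        boolean sharedStatus = mediation != null && mediation.isGlobal();
        MediationPolicyDTO faultMedPolicy = new MediationPolicyDTO();
        faultMedPolicy.setName(faultSequenceName);
        faultMedPolicy.setType(type.toUpperCase());
        faultMedPolicy.setShared(sharedStatus);
        faultMedPolicy.setId(mediationPolicyUUID);
        mediationPolicies.add(faultMedPolicy);
    }
    dto.setMediationPolicies(mediationPolicies);
    dto.setLifeCycleStatus(model.getStatus());

    String subscriptionAvailability = model.getSubscriptionAvailability();
    if (subscriptionAvailability != null) {
        dto.setSubscriptionAvailability(mapSubscriptionAvailabilityFromAPItoDTO(subscriptionAvailability));
    }
    if (model.getSubscriptionAvailableTenants() != null) {
        dto.setSubscriptionAvailableTenants(Arrays.asList(model.getSubscriptionAvailableTenants().split(",")));
    }

    String tenantDomain = MultitenantUtils
            .getTenantDomain(APIUtil.replaceEmailDomainBack(model.getId().getProviderName()));
    boolean isAsyncAPI = APIDTO.TypeEnum.WS.toString().equals(model.getType())
            || APIDTO.TypeEnum.WEBSUB.toString().equals(model.getType())
            || APIDTO.TypeEnum.SSE.toString().equals(model.getType())
            || APIDTO.TypeEnum.ASYNC.toString().equals(model.getType());
    // Get Swagger definition which has URL templates, scopes and resource details
    model.getId().setUuid(model.getUuid());
    if (!isAsyncAPI) {
        // Get from swagger definition
        List<APIOperationsDTO> apiOperationsDTO;
        String apiSwaggerDefinition;
        if (model.getSwaggerDefinition() != null) {
            apiSwaggerDefinition = model.getSwaggerDefinition();
        } else {
            apiSwaggerDefinition = apiProvider.getOpenAPIDefinition(model.getId(), tenantDomain);
        }
        // We will fetch operations from the swagger definition and not from the AM_API_URL_MAPPING table: table
        // entries may have API level throttling tiers listed in case API level throttling is selected for the API.
        // This will lead the x-throttling-tiers of API definition to get overwritten. (wso2/product-apim#11240)
        apiOperationsDTO = getOperationsFromSwaggerDef(model, apiSwaggerDefinition);
        // since the operation details goes missing after fetching operations list from the swagger definition, we
        // have to set them back from the original API model.
        setOperationPoliciesToOperationsDTO(model, apiOperationsDTO);
        dto.setOperations(apiOperationsDTO);
        List<ScopeDTO> scopeDTOS = getScopesFromSwagger(apiSwaggerDefinition);
        dto.setScopes(getAPIScopesFromScopeDTOs(scopeDTOS, apiProvider));
    } else {
        // Get from asyncapi definition
        List<APIOperationsDTO> apiOperationsDTO = getOperationsFromAPI(model);
        dto.setOperations(apiOperationsDTO);
        String asyncAPIDefinition;
        if (model.getAsyncApiDefinition() != null) {
            asyncAPIDefinition = model.getAsyncApiDefinition();
        } else {
            asyncAPIDefinition = apiProvider.getAsyncAPIDefinition(model.getId().getUUID(), tenantDomain);
        }
        if (asyncAPIDefinition != null) {
            List<ScopeDTO> scopeDTOS = getScopesFromAsyncAPI(asyncAPIDefinition);
            dto.setScopes(getAPIScopesFromScopeDTOs(scopeDTOS, apiProvider));
        }
    }

    Set<String> apiTags = model.getTags();
    List<String> tagsToReturn = new ArrayList<>();
    tagsToReturn.addAll(apiTags);
    dto.setTags(tagsToReturn);

    Set<org.wso2.carbon.apimgt.api.model.Tier> apiTiers = model.getAvailableTiers();
    List<String> tiersToReturn = new ArrayList<>();
    for (org.wso2.carbon.apimgt.api.model.Tier tier : apiTiers) {
        tiersToReturn.add(tier.getName());
    }
    dto.setPolicies(tiersToReturn);
    dto.setApiThrottlingPolicy(model.getApiLevelPolicy());

    // APIs created with type set to "NULL" will be considered as "HTTP"
    if (model.getType() == null || "null".equalsIgnoreCase(model.getType())) {
        dto.setType(APIDTO.TypeEnum.HTTP);
    } else {
        dto.setType(APIDTO.TypeEnum.fromValue(model.getType()));
    }

    if (!APIConstants.APITransportType.WS.toString().equals(model.getType())) {
        if (StringUtils.isEmpty(model.getTransports())) {
            // No transports on the model: fall back to HTTPS only.
            List<String> transports = new ArrayList<>();
            transports.add(APIConstants.HTTPS_PROTOCOL);
            dto.setTransport(transports);
        } else {
            // Previously unconditional, which discarded the default above and dereferenced null.
            dto.setTransport(Arrays.asList(model.getTransports().split(",")));
        }
    }

    // NOTE(review): this default is keyed on the transports string and is overwritten by the
    // unconditional assignment on the next statement; it looks like a copy-paste of the transport
    // check. Behaviour is kept as is - confirm what a missing visibility should map to.
    if (StringUtils.isEmpty(model.getTransports())) {
        dto.setVisibility(APIDTO.VisibilityEnum.PUBLIC);
    }
    dto.setVisibility(mapVisibilityFromAPItoDTO(model.getVisibility()));

    if (model.getVisibleRoles() != null) {
        dto.setVisibleRoles(Arrays.asList(model.getVisibleRoles().split(",")));
    }
    if (model.getVisibleTenants() != null) {
        // Previously written to visibleRoles, replacing the role list with tenant names in the
        // DTO. A client that reads the DTO and sends it back would then persist wrong role
        // restrictions.
        dto.setVisibleTenants(Arrays.asList(model.getVisibleTenants().split(",")));
    }

    if (model.getAdditionalProperties() != null) {
        JSONObject additionalProperties = model.getAdditionalProperties();
        List<APIInfoAdditionalPropertiesDTO> additionalPropertiesList = new ArrayList<>();
        Map<String, APIInfoAdditionalPropertiesMapDTO> additionalPropertiesMap = new HashMap<>();
        for (Object propertyKey : additionalProperties.keySet()) {
            APIInfoAdditionalPropertiesDTO additionalPropertiesDTO = new APIInfoAdditionalPropertiesDTO();
            APIInfoAdditionalPropertiesMapDTO apiInfoAdditionalPropertiesMapDTO =
                    new APIInfoAdditionalPropertiesMapDTO();
            String key = (String) propertyKey;
            // Keys carrying the custom-properties suffix are exposed under the name without the
            // suffix and flagged for display in the list form.
            int index = key.lastIndexOf(APIConstants.API_RELATED_CUSTOM_PROPERTIES_SURFIX);
            additionalPropertiesDTO.setValue((String) additionalProperties.get(key));
            apiInfoAdditionalPropertiesMapDTO.setValue((String) additionalProperties.get(key));
            if (index > 0) {
                additionalPropertiesDTO.setName(key.substring(0, index));
                apiInfoAdditionalPropertiesMapDTO.setName(key.substring(0, index));
                additionalPropertiesDTO.setDisplay(true);
            } else {
                additionalPropertiesDTO.setName(key);
                apiInfoAdditionalPropertiesMapDTO.setName(key);
                additionalPropertiesDTO.setDisplay(false);
            }
            apiInfoAdditionalPropertiesMapDTO.setDisplay(false);
            additionalPropertiesMap.put(key, apiInfoAdditionalPropertiesMapDTO);
            additionalPropertiesList.add(additionalPropertiesDTO);
        }
        dto.setAdditionalProperties(additionalPropertiesList);
        dto.setAdditionalPropertiesMap(additionalPropertiesMap);
    }

    if (model.getImplementation() != null) {
        dto.setEndpointImplementationType(
                APIDTO.EndpointImplementationTypeEnum.valueOf(model.getImplementation()));
    }
    dto.setAccessControl(APIConstants.API_RESTRICTED_VISIBILITY.equals(model.getAccessControl())
            ? APIDTO.AccessControlEnum.RESTRICTED
            : APIDTO.AccessControlEnum.NONE);
    if (model.getAccessControlRoles() != null) {
        dto.setAccessControlRoles(Arrays.asList(model.getAccessControlRoles().split(",")));
    }

    APIBusinessInformationDTO apiBusinessInformationDTO = new APIBusinessInformationDTO();
    apiBusinessInformationDTO.setBusinessOwner(model.getBusinessOwner());
    apiBusinessInformationDTO.setBusinessOwnerEmail(model.getBusinessOwnerEmail());
    apiBusinessInformationDTO.setTechnicalOwner(model.getTechnicalOwner());
    apiBusinessInformationDTO.setTechnicalOwnerEmail(model.getTechnicalOwnerEmail());
    dto.setBusinessInformation(apiBusinessInformationDTO);

    APICorsConfigurationDTO apiCorsConfigurationDTO = new APICorsConfigurationDTO();
    CORSConfiguration corsConfiguration = model.getCorsConfiguration();
    if (corsConfiguration == null) {
        corsConfiguration = APIUtil.getDefaultCorsConfiguration();
    }
    apiCorsConfigurationDTO.setAccessControlAllowOrigins(corsConfiguration.getAccessControlAllowOrigins());
    apiCorsConfigurationDTO.setAccessControlAllowHeaders(corsConfiguration.getAccessControlAllowHeaders());
    apiCorsConfigurationDTO.setAccessControlAllowMethods(corsConfiguration.getAccessControlAllowMethods());
    apiCorsConfigurationDTO.setCorsConfigurationEnabled(corsConfiguration.isCorsConfigurationEnabled());
    apiCorsConfigurationDTO.setAccessControlAllowCredentials(corsConfiguration.isAccessControlAllowCredentials());
    dto.setCorsConfiguration(apiCorsConfigurationDTO);

    WebsubSubscriptionConfigurationDTO websubSubscriptionConfigurationDTO =
            new WebsubSubscriptionConfigurationDTO();
    WebsubSubscriptionConfiguration websubSubscriptionConfiguration = model.getWebsubSubscriptionConfiguration();
    if (websubSubscriptionConfiguration == null) {
        websubSubscriptionConfiguration = APIUtil.getDefaultWebsubSubscriptionConfiguration();
    }
    websubSubscriptionConfigurationDTO.setEnable(websubSubscriptionConfiguration.isEnable());
    // NOTE(review): the WebSub subscription secret is copied into the DTO without consulting
    // preserveCredentials - confirm every caller of this mapping is allowed to see it.
    websubSubscriptionConfigurationDTO.setSecret(websubSubscriptionConfiguration.getSecret());
    websubSubscriptionConfigurationDTO.setSigningAlgorithm(websubSubscriptionConfiguration.getSigningAlgorithm());
    websubSubscriptionConfigurationDTO.setSignatureHeader(websubSubscriptionConfiguration.getSignatureHeader());
    dto.setWebsubSubscriptionConfiguration(websubSubscriptionConfigurationDTO);

    if (model.getWsdlUrl() != null) {
        WSDLInfoDTO wsdlInfoDTO = getWsdlInfoDTO(model);
        dto.setWsdlInfo(wsdlInfoDTO);
    }
    dto.setWsdlUrl(model.getWsdlUrl());
    setEndpointSecurityFromModelToApiDTO(model, dto, preserveCredentials);
    setMaxTpsFromModelToApiDTO(model, dto);
    dto.setAuthorizationHeader(model.getAuthorizationHeader());
    if (model.getApiSecurity() != null) {
        dto.setSecurityScheme(Arrays.asList(model.getApiSecurity().split(",")));
    }

    // These two blocks replace the lastUpdatedTime / createdTime values set near the top.
    if (null != model.getLastUpdated()) {
        Date lastUpdateDate = model.getLastUpdated();
        Timestamp timeStamp = new Timestamp(lastUpdateDate.getTime());
        dto.setLastUpdatedTime(String.valueOf(timeStamp));
    }
    if (null != model.getCreatedTime()) {
        Date created = new Date(Long.parseLong(model.getCreatedTime()));
        Timestamp timeStamp = new Timestamp(created.getTime());
        dto.setCreatedTime(String.valueOf(timeStamp.getTime()));
    }
    dto.setWorkflowStatus(model.getWorkflowStatus());

    List<APICategory> apiCategories = model.getApiCategories();
    List<String> categoryNameList = new ArrayList<>();
    if (apiCategories != null && !apiCategories.isEmpty()) {
        for (APICategory category : apiCategories) {
            categoryNameList.add(category.getName());
        }
    }
    dto.setCategories(categoryNameList);
    dto.setKeyManagers(model.getKeyManagers());
    if (model.getAudience() != null) {
        dto.setAudience(AudienceEnum.valueOf(model.getAudience()));
    }
    dto.setGatewayVendor(StringUtils.toRootLowerCase(model.getGatewayVendor()));
    if (model.getAsyncTransportProtocols() != null) {
        dto.setAsyncTransportProtocols(Arrays.asList(model.getAsyncTransportProtocols().split(",")));
    }
    return dto;
}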
use of org.wso2.carbon.apimgt.api.model.EndpointSecurity in project carbon-apimgt by wso2.
the class APIProviderImpl method addAPI.
/**
 * Validates a new API, persists it, registers it through {@code addAPI(api, tenantId)}, writes
 * an audit log entry and notifies the key manager.
 *
 * <p>The supplied instance is mutated along the way: version timestamp, UUID and created time
 * are set on it, and an access-control-roles value equal to the string {@code "null"} is
 * replaced by a real null.
 *
 * @param api API to add
 * @return the same {@code api} instance that was passed in
 * @throws org.wso2.carbon.apimgt.api.APIManagementException if an endpoint-secured API has an
 *         empty endpoint password, if persisting fails, or if a called validation or helper fails
 */
public API addAPI(API api) throws APIManagementException {
    validateApiInfo(api);
    String tenantDomain =
            MultitenantUtils.getTenantDomain(APIUtil.replaceEmailDomainBack(api.getId().getProviderName()));
    validateResourceThrottlingTiers(api, tenantDomain);
    validateKeyManagers(api);

    String apiName = api.getId().getApiName();
    String provider = APIUtil.replaceEmailDomain(api.getId().getProviderName());

    // A secured endpoint without a password is rejected before anything is persisted.
    boolean missingEndpointPassword = api.isEndpointSecured() && StringUtils.isEmpty(api.getEndpointUTPassword());
    if (missingEndpointPassword) {
        throw new APIManagementException(
                "Empty password is given for endpointSecurity when creating API " + apiName);
    }

    // Validate Transports
    validateAndSetTransports(api);
    validateAndSetAPISecurity(api);

    RegistryService registryService = ServiceReferenceHolder.getInstance().getRegistryService();
    // Add default API LC if it is not there
    try {
        // tenantId in this try block is resolved from outside the method (declaration not shown).
        boolean lifecyclePresent = CommonUtil.lifeCycleExists(APIConstants.API_LIFE_CYCLE,
                registryService.getConfigSystemRegistry(tenantId));
        if (!lifecyclePresent) {
            String defaultLifecyclePath = CommonUtil.getDefaltLifecycleConfigLocation() + File.separator
                    + APIConstants.API_LIFE_CYCLE + APIConstants.XML_EXTENSION;
            File lifecycleFile = new File(defaultLifecyclePath);
            if (lifecycleFile.exists()) {
                String lifecycleXml = FileUtils.readFileToString(lifecycleFile);
                if (lifecycleXml != null) {
                    CommonUtil.addLifecycle(lifecycleXml, registryService.getConfigSystemRegistry(tenantId),
                            CommonUtil.getRootSystemRegistry(tenantId));
                }
            }
        }
    } catch (RegistryException e) {
        handleException("Error occurred while adding default APILifeCycle.", e);
    } catch (IOException e) {
        handleException("Error occurred while loading APILifeCycle.xml.", e);
    } catch (XMLStreamException e) {
        handleException("Error occurred while adding default API LifeCycle.", e);
    }

    // Set version timestamp to the API
    api.setVersionTimestamp(
            calculateVersionTimestamp(provider, apiName, api.getId().getVersion(), api.getOrganization()));

    try {
        PublisherAPI persisted = apiPersistenceInstance.addAPI(new Organization(api.getOrganization()),
                APIMapper.INSTANCE.toPublisherApi(api));
        api.setUuid(persisted.getId());
        api.setCreatedTime(persisted.getCreatedTime());
    } catch (APIPersistenceException e) {
        throw new APIManagementException("Error while persisting API ", e);
    }
    if (log.isDebugEnabled()) {
        log.debug("API details successfully added to the registry. API Name: " + api.getId().getApiName()
                + ", API Version : " + api.getId().getVersion() + ", API context : " + api.getContext());
    }

    int internalTenantId = APIUtil.getInternalOrganizationId(api.getOrganization());
    addAPI(api, internalTenantId);

    // Audit entry: name, context, version and provider only - no credentials are included.
    JSONObject auditEntry = new JSONObject();
    auditEntry.put(APIConstants.AuditLogConstants.NAME, api.getId().getApiName());
    auditEntry.put(APIConstants.AuditLogConstants.CONTEXT, api.getContext());
    auditEntry.put(APIConstants.AuditLogConstants.VERSION, api.getId().getVersion());
    auditEntry.put(APIConstants.AuditLogConstants.PROVIDER, api.getId().getProviderName());
    APIUtil.logAuditMessage(APIConstants.AuditLogConstants.API, auditEntry.toString(),
            APIConstants.AuditLogConstants.CREATED, this.username);
    if (log.isDebugEnabled()) {
        log.debug("API details successfully added to the API Manager Database. API Name: "
                + api.getId().getApiName() + ", API Version : " + api.getId().getVersion()
                + ", API context : " + api.getContext());
    }

    if (APIUtil.isAPIManagementEnabled()) {
        // Record the context in the cache only when nothing is cached for it yet.
        Cache contextCache = APIUtil.getAPIContextCache();
        Object cachedValue = contextCache.get(api.getContext());
        Boolean knownContext = (cachedValue == null) ? null : Boolean.valueOf(cachedValue.toString());
        if (knownContext == null) {
            contextCache.put(api.getContext(), Boolean.TRUE);
        }
    }

    if ("null".equals(api.getAccessControlRoles())) {
        api.setAccessControlRoles(null);
    }
    // notify key manager with API addition
    registerOrUpdateResourceInKeyManager(api, tenantDomain);
    return api;
}
use of org.wso2.carbon.apimgt.api.model.EndpointSecurity in project carbon-apimgt by wso2.
the class APIProviderImpl method createAPI.
/**
 * Creates the registry artifact for an API inside a registry transaction: adds the artifact,
 * attaches the API lifecycle, links it to its provider, applies tags, stores WSDL data when
 * present, saves the API status, and sets access-control and visibility permissions.
 *
 * <p>NOTE(review): when a {@code RegistryException} is caught the transaction is rolled back in
 * the catch block, and the {@code finally} block then attempts a second rollback because the
 * commit flag is still false. Behaviour is kept as is - confirm the registry tolerates this.
 *
 * @param api API to create
 * @return the id of the created artifact, or null if no id was assigned before returning
 * @throws APIManagementException if the artifact manager cannot be obtained, an endpoint-secured
 *         API has an empty endpoint password, or a registry operation fails
 */
protected String createAPI(API api) throws APIManagementException {
    GenericArtifactManager artifactManager = APIUtil.getArtifactManager(registry, APIConstants.API_KEY);
    if (artifactManager == null) {
        String message = "Failed to retrieve artifact manager when creating API " + api.getId().getApiName();
        log.error(message);
        throw new APIManagementException(message);
    }
    // A secured endpoint without a password is rejected before the transaction starts.
    if (api.isEndpointSecured() && StringUtils.isEmpty(api.getEndpointUTPassword())) {
        throw new APIManagementException(
                "Empty password is given for endpointSecurity when creating API " + api.getId().getApiName());
    }
    // Validate Transports
    validateAndSetTransports(api);
    validateAndSetAPISecurity(api);

    boolean committed = false;
    String createdId = null;
    try {
        registry.beginTransaction();
        GenericArtifact blankArtifact =
                artifactManager.newGovernanceArtifact(new QName(api.getId().getApiName()));
        if (blankArtifact == null) {
            String message = "Generic artifact is null when creating API " + api.getId().getApiName();
            log.error(message);
            throw new APIManagementException(message);
        }
        GenericArtifact apiArtifact = APIUtil.createAPIArtifactContent(blankArtifact, api);
        artifactManager.addGenericArtifact(apiArtifact);
        // Attach the API lifecycle
        apiArtifact.attachLifecycle(APIConstants.API_LIFE_CYCLE);

        String artifactPath = GovernanceUtils.getArtifactPath(registry, apiArtifact.getId());
        String providerPath = APIUtil.getAPIProviderPath(api.getId());
        // provider ------provides----> API
        registry.addAssociation(providerPath, artifactPath, APIConstants.PROVIDER_ASSOCIATION);

        Set<String> tags = api.getTags();
        if (tags != null) {
            for (String tag : tags) {
                registry.applyTag(artifactPath, tag);
            }
        }

        if (APIUtil.isValidWSDLURL(api.getWsdlUrl(), false)) {
            String wsdlPath = APIUtil.createWSDL(registry, api);
            updateWSDLUriInAPIArtifact(wsdlPath, artifactManager, apiArtifact, artifactPath);
        }
        if (api.getWsdlResource() != null) {
            String wsdlPath = APIUtil.saveWSDLResource(registry, api);
            updateWSDLUriInAPIArtifact(wsdlPath, artifactManager, apiArtifact, artifactPath);
        }

        // write API Status to a separate property. This is done to support querying APIs using custom query (SQL)
        // to gain performance
        saveAPIStatus(artifactPath, api.getStatus());

        String visibleRolesCsv = api.getVisibleRoles();
        String[] visibleRoles = (visibleRolesCsv != null) ? visibleRolesCsv.split(",") : new String[0];
        String accessControlRoles = api.getAccessControlRoles();
        updateRegistryResources(artifactPath, accessControlRoles, api.getAccessControl(),
                api.getAdditionalProperties());
        APIUtil.setResourcePermissions(api.getId().getProviderName(), api.getVisibility(), visibleRoles,
                artifactPath, registry);

        registry.commitTransaction();
        committed = true;
        if (log.isDebugEnabled()) {
            log.debug("API Name: " + api.getId().getApiName() + ", API Version " + api.getId().getVersion()
                    + " created");
        }
        createdId = apiArtifact.getId();
    } catch (RegistryException e) {
        try {
            registry.rollbackTransaction();
        } catch (RegistryException re) {
            // Throwing an error here would mask the original exception
            log.error("Error while rolling back the transaction for API: " + api.getId().getApiName(), re);
        }
        handleException("Error while performing registry transaction operation", e);
    } catch (APIManagementException e) {
        handleException("Error while creating API", e);
    } finally {
        try {
            // Anything that left the try block without committing is rolled back here.
            if (!committed) {
                registry.rollbackTransaction();
            }
        } catch (RegistryException ex) {
            handleException("Error while rolling back the transaction for API: " + api.getId().getApiName(), ex);
        }
    }
    return createdId;
}