use of org.wso2.carbon.apimgt.api.model.Environment in project carbon-apimgt by wso2.
the class AuthenticatorService method getTokens.
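/**
 * Requests access tokens for an application from the key manager, using the flow selected by
 * {@code grantType}.
 *
 * <p>Handled flows: authorization code, password, refresh token and, when the multi-environment
 * overview is enabled, the JWT grant. Points a reviewer should keep in mind:
 * <ul>
 *   <li>Any grant type other than the first three is sent to the key manager as a JWT grant when
 *       the multi-environment overview is enabled; the caller-supplied value is not compared with
 *       {@code KeyManagerConstants.JWT_GRANT_TYPE}.</li>
 *   <li>When the multi-environment overview is disabled, such a grant type triggers no token
 *       request and the untouched, freshly constructed {@link AccessTokenInfo} is returned.
 *       Callers must not treat a non-exceptional return as proof that a token was issued.</li>
 *   <li>Scopes and client credentials are resolved before the grant type is examined.</li>
 * </ul>
 *
 * @param appName           Name of the application which needs to get tokens
 * @param grantType         Grant type of the application
 * @param userName          User name of the user (password and refresh flows)
 * @param password          Password of the user (password and refresh flows)
 * @param refreshToken      Refresh token (password and refresh flows)
 * @param validityPeriod    Validity period of tokens
 * @param authorizationCode Authorization code; required for the authorization-code flow
 * @param assertion         Assertion forwarded to the key manager in the JWT-grant flow
 * @param identityProvider  Identity provider used in the JWT-grant flow to confirm that the user
 *                          named in the returned ID token exists in this environment
 * @return AccessTokenInfo - An object with the generated access token information
 * @throws APIManagementException When receiving access tokens fails, when no authorization code
 *                                is supplied for the authorization-code flow, or when the user
 *                                from the ID token is unknown to {@code identityProvider}
 */
public AccessTokenInfo getTokens(String appName, String grantType, String userName, String password, String refreshToken, long validityPeriod, String authorizationCode, String assertion, IdentityProvider identityProvider) throws APIManagementException {
    AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
    AccessTokenRequest accessTokenRequest = new AccessTokenRequest();
    MultiEnvironmentOverview multiEnvironmentOverviewConfigs = apimConfigurationService.getEnvironmentConfigurations().getMultiEnvironmentOverview();
    boolean isMultiEnvironmentOverviewEnabled = multiEnvironmentOverviewConfigs.isEnabled();
    // Get scopes of the application
    String scopes = getApplicationScopes(appName);
    log.debug("Set scopes for {} application using swagger definition.", appName);
    // TODO: Get Consumer Key & Secret without creating a new app, from the IS side
    // NOTE(review): this lookup runs before grantType is examined, so whatever side effects it
    // has also occur for requests that end up issuing no token. Confirm that is intended.
    Map<String, String> consumerKeySecretMap = getConsumerKeySecret(appName);
    // Only the application name is logged here; the key and secret must stay out of the logs.
    log.debug("Received consumer key & secret for {} application.", appName);
    String consumerKey = consumerKeySecretMap.get("CONSUMER_KEY");
    String consumerSecret = consumerKeySecretMap.get("CONSUMER_SECRET");
    try {
        if (KeyManagerConstants.AUTHORIZATION_CODE_GRANT_TYPE.equals(grantType)) {
            // Access token for authorization code grant type
            APIMAppConfigurations appConfigs = apimAppConfigurationService.getApimAppConfigurations();
            // The callback URI is assembled from server configuration plus the application name.
            String callBackURL = appConfigs.getApimBaseUrl() + AuthenticatorConstants.AUTHORIZATION_CODE_CALLBACK_URL + appName;
            if (authorizationCode != null) {
                // Get Access & Refresh Tokens
                accessTokenRequest.setClientId(consumerKey);
                accessTokenRequest.setClientSecret(consumerSecret);
                accessTokenRequest.setGrantType(grantType);
                accessTokenRequest.setAuthorizationCode(authorizationCode);
                accessTokenRequest.setScopes(scopes);
                accessTokenRequest.setValidityPeriod(validityPeriod);
                accessTokenRequest.setCallbackURI(callBackURL);
                accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
            } else {
                String errorMsg = "No Authorization Code available.";
                // The message has no placeholder, so an extra argument would never be rendered.
                log.error(errorMsg);
                throw new APIManagementException(errorMsg, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
            }
        } else if (KeyManagerConstants.PASSWORD_GRANT_TYPE.equals(grantType)) {
            // Access token for password grant type
            accessTokenRequest = AuthUtil.createAccessTokenRequest(userName, password, grantType, refreshToken, null, validityPeriod, scopes, consumerKey, consumerSecret);
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
        } else if (KeyManagerConstants.REFRESH_GRANT_TYPE.equals(grantType)) {
            // Access token for refresh grant type
            accessTokenRequest = AuthUtil.createAccessTokenRequest(userName, password, grantType, refreshToken, null, validityPeriod, scopes, consumerKey, consumerSecret);
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
        } else if (isMultiEnvironmentOverviewEnabled) {
            // JWT or Custom grant type.
            // NOTE(review): every grant type not matched above lands here, including null or
            // misspelled values. Consider rejecting anything that is not an expected grant.
            accessTokenRequest.setClientId(consumerKey);
            accessTokenRequest.setClientSecret(consumerSecret);
            accessTokenRequest.setAssertion(assertion);
            // Pass grant type to extend a custom grant instead of JWT grant in the future
            accessTokenRequest.setGrantType(KeyManagerConstants.JWT_GRANT_TYPE);
            accessTokenRequest.setScopes(scopes);
            accessTokenRequest.setValidityPeriod(validityPeriod);
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
            // The local user check happens after the key manager has already issued the token.
            // If the check fails, this method throws but does not revoke that token.
            // NOTE(review): confirm the issued token cannot be used once this path rejects it.
            String usernameFromJWT = getUsernameFromJWT(accessTokenInfo.getIdToken());
            try {
                identityProvider.getIdOfUser(usernameFromJWT);
            } catch (IdentityProviderException e) {
                // NOTE(review): the message embeds the username taken from the ID token; confirm
                // how this exception is rendered to the client before relying on it.
                String errorMsg = "User " + usernameFromJWT + " does not exists in this environment.";
                throw new APIManagementException(errorMsg, e, ExceptionCodes.USER_NOT_AUTHENTICATED);
            }
        }
        // NOTE(review): with the multi-environment overview disabled, an unmatched grant type
        // falls through to here and the empty AccessTokenInfo created above is returned.
    } catch (KeyManagementException e) {
        String errorMsg = "Error while receiving tokens for OAuth application : " + appName;
        // Parameterized logging APIs attach a stack trace only when the Throwable is the last
        // argument. The exception is therefore passed last so the cause reaches the log.
        log.error(errorMsg, e);
        throw new APIManagementException(errorMsg, e, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
    }
    log.debug("Received access token for {} application.", appName);
    return accessTokenInfo;
}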
use of org.wso2.carbon.apimgt.api.model.Environment in project carbon-apimgt by wso2.
the class ConfigurationsAPI method environments.
/**
 * Returns the environments configured in deployment.yaml, wrapped in an
 * {@code EnvironmentConfigBean} and serialized as JSON.
 *
 * <p>NOTE(review): no authentication or authorization check is visible in this method. The
 * response lists environment hosts and login token paths, so confirm whether the resource is
 * meant to be reachable before login and that nothing sensitive is added to those entries.
 *
 * @return Response List of environments: {"environments":[
 * {"host":"localhost:9292","loginTokenPath":"/login/token","label":"Development"},
 * {"host":"localhost:9293","loginTokenPath":"/login/token","label":"Production"}
 * ]}
 */
@GET
@Path("/environments")
@Produces(MediaType.APPLICATION_JSON)
public Response environments() {
    // Read the UI configuration from the shared configuration service.
    final APIMUIConfigurations uiConfig = ConfigurationService.getInstance().getApimUIConfigurations();

    // Copy only the environment list into the response bean.
    final EnvironmentConfigBean responseBody = new EnvironmentConfigBean();
    responseBody.setEnvironments(uiConfig.getEnvironments());

    return Response.ok(responseBody, MediaType.APPLICATION_JSON).build();
}
use of org.wso2.carbon.apimgt.api.model.Environment in project wso2-synapse by wso2.
the class JmxAdapter method createContextMap.
/**
 * Builds the environment map handed to the JMX server connector at start-up.
 *
 * <p>What ends up in the map depends on {@code jmxInformation}:
 * <ul>
 *   <li>Authentication enabled: either the configured password file is used, or a
 *       {@link JmxSecretAuthenticator} is installed. The access file is added when one is
 *       configured.</li>
 *   <li>Authentication disabled: nothing is added and only a warning is logged, so the connector
 *       accepts callers without credentials.</li>
 *   <li>Remote SSL enabled: SSL RMI client and server socket factories are added. They are built
 *       with their no-argument constructors.</li>
 * </ul>
 *
 * <p>NOTE(review): SSL and authentication are independent switches here, so credentials may be
 * configured without transport protection and vice versa. Whether the RMI registry itself is
 * protected is decided where the registry is created, not in this method.
 *
 * @return an environment context map containing the configuration used to start the server
 *         connector
 */
private Map<String, Object> createContextMap() {
    final Map<String, Object> contextMap = new HashMap<String, Object>();

    if (!jmxInformation.isAuthenticate()) {
        // No authenticator and no password file: remote callers are not challenged.
        log.warn("Using unsecured JMX remote access!");
    } else {
        if (jmxInformation.getRemotePasswordFile() == null) {
            SecretInformation secrets = jmxInformation.getSecretInformation();
            // Get the global secret resolver
            // TODO This should be properly implemented if JMX adapter is going to use out side synapse
            PasswordManager passwordManager = PasswordManager.getInstance();
            if (passwordManager.isInitialized()) {
                secrets.setGlobalSecretResolver(passwordManager.getSecretResolver());
            }
            contextMap.put(JMXConnectorServer.AUTHENTICATOR, new JmxSecretAuthenticator(jmxInformation.getSecretInformation()));
        } else {
            // File-based credentials take precedence over the secret-based authenticator.
            contextMap.put("jmx.remote.x.password.file", jmxInformation.getRemotePasswordFile());
        }

        // The access file is optional and only read when authentication is on.
        if (jmxInformation.getRemoteAccessFile() != null) {
            contextMap.put("jmx.remote.x.access.file", jmxInformation.getRemoteAccessFile());
        }
    }

    if (jmxInformation.isRemoteSSL()) {
        log.info("Activated SSL communication");
        contextMap.put("jmx.remote.rmi.client.socket.factory", new SslRMIClientSocketFactory());
        contextMap.put("jmx.remote.rmi.server.socket.factory", new SslRMIServerSocketFactory());
    }

    return contextMap;
}
use of org.wso2.carbon.apimgt.api.model.Environment in project airavata by apache.
the class Wso2IdentityServerClient method getAdminServiceClient.
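/**
 * Creates a {@link RemoteUserStoreManagerServiceStub} for a Carbon admin service, configured to
 * send HTTP Basic credentials pre-emptively.
 *
 * <p>Server certificates are validated by the JVM's default TLS configuration. This method
 * deliberately installs no custom {@code SSLContext}. A trust manager that accepts every
 * certificate, registered with {@code SSLContext.setDefault}, would disable validation for every
 * TLS connection in the process. It would also let anyone able to intercept the connection
 * collect the administrator credentials set below. If the server presents an expired or
 * privately issued certificate, renew it or supply a dedicated trust store through the standard
 * {@code javax.net.ssl.trustStore} and {@code javax.net.ssl.trustStorePassword} system
 * properties. Keep that password out of source control.
 *
 * @param adminUserName administrator user name sent in the Basic authentication header
 * @param adminPassword administrator password sent in the Basic authentication header
 * @param adminService  service name appended to {@code SEVER_URL} to form the endpoint. It is
 *                      concatenated as-is, so callers should pass only known service names
 * @return the configured stub, or {@code null} if the stub could not be created
 */
public static RemoteUserStoreManagerServiceStub getAdminServiceClient(String adminUserName, String adminPassword, String adminService) {
    try {
        // Axis2 configuration context, needed to create the service client.
        ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(null, null);

        // Endpoint URL with the service name.
        // NOTE(review): SEVER_URL is defined outside this method. Basic credentials are sent
        // pre-emptively, so confirm it is always an https:// URL.
        String serviceEndPoint = SEVER_URL + adminService;

        // Create the stub and obtain its service client options.
        RemoteUserStoreManagerServiceStub adminStub = new RemoteUserStoreManagerServiceStub(configContext, serviceEndPoint);
        ServiceClient client = adminStub._getServiceClient();
        Options option = client.getOptions();

        // No previously issued session cookie is reused; the cookie property is cleared.
        option.setProperty(HTTPConstants.COOKIE_STRING, null);

        // Basic authentication against the Carbon server. Pre-emptive mode sends the
        // credentials on the first request, without waiting for a challenge.
        HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
        auth.setUsername(adminUserName);
        auth.setPassword(adminPassword);
        auth.setPreemptiveAuthentication(true);
        option.setProperty(HTTPConstants.AUTHENTICATE, auth);
        option.setManageSession(true);
        return adminStub;
    } catch (Exception e) {
        // NOTE(review): the failure is only printed and reported to the caller as null. Callers
        // must null-check the result. Prefer a logger and a typed exception once one is in scope.
        e.printStackTrace();
    }
    return null;
}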
use of org.wso2.carbon.apimgt.api.model.Environment in project ballerina by ballerina-lang.
the class SemanticAnalyzer method visit.
/**
 * Analyses a fork-join statement: its workers, the join result variable and join body, and,
 * when a timeout expression is present, the timeout variable and timeout body.
 *
 * <p>The order of the steps matters: all workers are defined before any of them is analysed,
 * and each body is analysed in an environment enclosed by the one created for its variable.
 *
 * @param forkJoin the fork-join node to analyse
 */
@Override
public void visit(BLangForkJoin forkJoin) {
    // Define every worker first, then analyse them, all within the fork-join environment.
    final SymbolEnv workersEnv = SymbolEnv.createFolkJoinEnv(forkJoin, env);
    forkJoin.workers.forEach(worker -> symbolEnter.defineNode(worker, workersEnv));
    forkJoin.workers.forEach(worker -> analyzeDef(worker, workersEnv));

    if (!isJoinResultType(forkJoin.joinResultVar)) {
        dlog.error(forkJoin.joinResultVar.pos, DiagnosticCode.INVALID_WORKER_JOIN_RESULT_TYPE);
    }

    // Code block and environment for the join result section, i.e. (map results).
    BLangBlockStmt joinVarBlock = generateCodeBlock(createVarDef(forkJoin.joinResultVar));
    SymbolEnv joinVarEnv = SymbolEnv.createBlockEnv(joinVarBlock, env);
    analyzeNode(joinVarBlock, joinVarEnv);

    // The join body is enclosed by the join result environment created just above.
    SymbolEnv joinedBodyEnv = SymbolEnv.createBlockEnv(forkJoin.joinedBody, joinVarEnv);
    analyzeNode(forkJoin.joinedBody, joinedBodyEnv);

    if (forkJoin.timeoutExpression != null) {
        if (!isJoinResultType(forkJoin.timeoutVariable)) {
            dlog.error(forkJoin.timeoutVariable.pos, DiagnosticCode.INVALID_WORKER_TIMEOUT_RESULT_TYPE);
        }

        // Code block and environment for the timeout section. The timeout expression is
        // type-checked against the int type before the variable block is analysed.
        BLangBlockStmt timeoutBlock = generateCodeBlock(createVarDef(forkJoin.timeoutVariable));
        SymbolEnv timeoutEnv = SymbolEnv.createBlockEnv(timeoutBlock, env);
        typeChecker.checkExpr(forkJoin.timeoutExpression, timeoutEnv, Arrays.asList(symTable.intType));
        analyzeNode(timeoutBlock, timeoutEnv);

        // The timeout body is enclosed by the timeout variable's environment.
        SymbolEnv timeoutScopeEnv = SymbolEnv.createBlockEnv(forkJoin.timeoutBody, timeoutEnv);
        analyzeNode(forkJoin.timeoutBody, timeoutScopeEnv);
    }

    validateJoinWorkerList(forkJoin, workersEnv);
}