Search in sources :

Example 11 with OperationPolicy

use of org.wso2.carbon.apimgt.api.model.OperationPolicy in project carbon-apimgt by wso2.

the class ImportUtils method importApi.

/**
 * This method imports an API.
 *
 * @param extractedFolderPath            Location of the extracted folder of the API
 * @param importedApiDTO                 API DTO of the importing API
 *                                       (This will not be null when importing dependent APIs with API Products)
 * @param preserveProvider               Decision to keep or replace the provider
 * @param overwrite                      Whether to update the API or not
 * @param tokenScopes                    Scopes of the token
 * @param dependentAPIParamsConfigObject Params configuration of an API (this will not be null if a dependent API
 *                                       of an
 *                                       API product wants to override the parameters)
 * @param organization  Identifier of an Organization
 * @throws APIImportExportException If there is an error in importing an API
 * @@return Imported API
 */
public static API importApi(String extractedFolderPath, APIDTO importedApiDTO, Boolean preserveProvider, Boolean rotateRevision, Boolean overwrite, Boolean dependentAPIFromProduct, String[] tokenScopes, JsonObject dependentAPIParamsConfigObject, String organization) throws APIManagementException {
    String userName = RestApiCommonUtil.getLoggedInUsername();
    APIDefinitionValidationResponse validationResponse = null;
    String graphQLSchema = null;
    API importedApi = null;
    String currentStatus;
    String targetStatus;
    String lifecycleAction;
    GraphqlComplexityInfo graphqlComplexityInfo = null;
    int tenantId = 0;
    JsonArray deploymentInfoArray = null;
    JsonObject paramsConfigObject;
    try {
        if (importedApiDTO == null) {
            JsonElement jsonObject = retrieveValidatedDTOObject(extractedFolderPath, preserveProvider, userName, ImportExportConstants.TYPE_API);
            importedApiDTO = new Gson().fromJson(jsonObject, APIDTO.class);
        }
        // If the provided dependent APIs params config is null, it means this happening when importing an API (not
        // because when importing a dependent API of an API Product). Hence, try to retrieve the definition from
        // the API folder path
        paramsConfigObject = (dependentAPIParamsConfigObject != null) ? dependentAPIParamsConfigObject : APIControllerUtil.resolveAPIControllerEnvParams(extractedFolderPath);
        // If above the params configurations are not null, then resolve those
        if (paramsConfigObject != null) {
            importedApiDTO = APIControllerUtil.injectEnvParamsToAPI(importedApiDTO, paramsConfigObject, extractedFolderPath);
            if (!isAdvertiseOnlyAPI(importedApiDTO)) {
                JsonElement deploymentsParam = paramsConfigObject.get(ImportExportConstants.DEPLOYMENT_ENVIRONMENTS);
                if (deploymentsParam != null && !deploymentsParam.isJsonNull()) {
                    deploymentInfoArray = deploymentsParam.getAsJsonArray();
                }
            }
        }
        String apiType = importedApiDTO.getType().toString();
        APIProvider apiProvider = RestApiCommonUtil.getProvider(importedApiDTO.getProvider());
        // Validate swagger content except for streaming APIs
        if (!PublisherCommonUtils.isStreamingAPI(importedApiDTO) && !APIConstants.APITransportType.GRAPHQL.toString().equalsIgnoreCase(apiType)) {
            validationResponse = retrieveValidatedSwaggerDefinitionFromArchive(extractedFolderPath);
        }
        // Validate the GraphQL schema
        if (APIConstants.APITransportType.GRAPHQL.toString().equalsIgnoreCase(apiType)) {
            graphQLSchema = retrieveValidatedGraphqlSchemaFromArchive(extractedFolderPath);
        }
        // Validate the WSDL of SOAP APIs
        if (APIConstants.API_TYPE_SOAP.equalsIgnoreCase(apiType)) {
            validateWSDLFromArchive(extractedFolderPath, importedApiDTO);
        }
        // Validate the AsyncAPI definition of streaming APIs
        if (PublisherCommonUtils.isStreamingAPI(importedApiDTO)) {
            validationResponse = retrieveValidatedAsyncApiDefinitionFromArchive(extractedFolderPath);
        }
        String currentTenantDomain = MultitenantUtils.getTenantDomain(APIUtil.replaceEmailDomainBack(userName));
        // The status of the importing API should be stored separately to do the lifecycle change at the end
        targetStatus = importedApiDTO.getLifeCycleStatus();
        API targetApi = retrieveApiToOverwrite(importedApiDTO.getName(), importedApiDTO.getVersion(), currentTenantDomain, apiProvider, Boolean.TRUE, organization);
        if (isAdvertiseOnlyAPI(importedApiDTO)) {
            processAdvertiseOnlyPropertiesInDTO(importedApiDTO, tokenScopes);
        }
        Map<String, List<OperationPolicy>> extractedPoliciesMap = extractAndDropOperationPoliciesFromURITemplate(importedApiDTO.getOperations());
        // If the overwrite is set to true (which means an update), retrieve the existing API
        if (Boolean.TRUE.equals(overwrite) && targetApi != null) {
            log.info("Existing API found, attempting to update it...");
            currentStatus = targetApi.getStatus();
            // Set the status of imported API to current status of target API when updating
            importedApiDTO.setLifeCycleStatus(currentStatus);
            // when updating an API from the UI there is at least one resource (operation) inside the DTO.
            if (importedApiDTO.getOperations().isEmpty()) {
                setOperationsToDTO(importedApiDTO, validationResponse);
            }
            targetApi.setOrganization(organization);
            importedApi = PublisherCommonUtils.updateApi(targetApi, importedApiDTO, RestApiCommonUtil.getLoggedInUserProvider(), tokenScopes);
        } else {
            if (targetApi == null && Boolean.TRUE.equals(overwrite)) {
                log.info("Cannot find : " + importedApiDTO.getName() + "-" + importedApiDTO.getVersion() + ". Creating it.");
            }
            // Initialize to CREATED when import
            currentStatus = APIStatus.CREATED.toString();
            importedApiDTO.setLifeCycleStatus(currentStatus);
            importedApi = PublisherCommonUtils.addAPIWithGeneratedSwaggerDefinition(importedApiDTO, ImportExportConstants.OAS_VERSION_3, importedApiDTO.getProvider(), organization);
            // Set API definition to validationResponse if the API is imported with sample API definition
            if (validationResponse.isInit()) {
                validationResponse.setContent(importedApi.getSwaggerDefinition());
                validationResponse.setJsonContent(importedApi.getSwaggerDefinition());
            }
        }
        if (!extractedPoliciesMap.isEmpty()) {
            importedApi.setUriTemplates(validateOperationPolicies(importedApi, apiProvider, extractedFolderPath, extractedPoliciesMap, currentTenantDomain));
            apiProvider.updateAPI(importedApi);
        }
        // Retrieving the life cycle action to do the lifecycle state change explicitly later
        lifecycleAction = getLifeCycleAction(currentTenantDomain, currentStatus, targetStatus, apiProvider);
        // Add/update swagger content except for streaming APIs and GraphQL APIs
        if (!PublisherCommonUtils.isStreamingAPI(importedApiDTO) && !APIConstants.APITransportType.GRAPHQL.toString().equalsIgnoreCase(apiType)) {
            // Add the validated swagger separately since the UI does the same procedure
            PublisherCommonUtils.updateSwagger(importedApi.getUuid(), validationResponse, false, organization);
        }
        // Add the GraphQL schema
        if (APIConstants.APITransportType.GRAPHQL.toString().equalsIgnoreCase(apiType)) {
            importedApi.setOrganization(organization);
            PublisherCommonUtils.addGraphQLSchema(importedApi, graphQLSchema, apiProvider);
            graphqlComplexityInfo = retrieveGraphqlComplexityInfoFromArchive(extractedFolderPath, graphQLSchema);
            if (graphqlComplexityInfo != null && graphqlComplexityInfo.getList().size() != 0) {
                apiProvider.addOrUpdateComplexityDetails(importedApi.getUuid(), graphqlComplexityInfo);
            }
        }
        // Add/update Async API definition for streaming APIs
        if (PublisherCommonUtils.isStreamingAPI(importedApiDTO)) {
            // Add the validated Async API definition separately since the UI does the same procedure
            PublisherCommonUtils.updateAsyncAPIDefinition(importedApi.getUuid(), validationResponse, organization);
        }
        tenantId = APIUtil.getTenantId(RestApiCommonUtil.getLoggedInUsername());
        // Since Image, documents, sequences and WSDL are optional, exceptions are logged and ignored in
        // implementation
        ApiTypeWrapper apiTypeWrapperWithUpdatedApi = new ApiTypeWrapper(importedApi);
        addThumbnailImage(extractedFolderPath, apiTypeWrapperWithUpdatedApi, apiProvider);
        addDocumentation(extractedFolderPath, apiTypeWrapperWithUpdatedApi, apiProvider, organization);
        addAPIWsdl(extractedFolderPath, importedApi, apiProvider);
        if (StringUtils.equals(importedApi.getType().toLowerCase(), APIConstants.API_TYPE_SOAPTOREST.toLowerCase())) {
            addSOAPToREST(importedApi, validationResponse.getContent(), apiProvider);
        }
        if (!isAdvertiseOnlyAPI(importedApiDTO)) {
            addAPISequences(extractedFolderPath, importedApi, apiProvider);
            addAPISpecificSequences(extractedFolderPath, importedApi, apiProvider);
            addEndpointCertificates(extractedFolderPath, importedApi, apiProvider, tenantId);
            if (log.isDebugEnabled()) {
                log.debug("Mutual SSL enabled. Importing client certificates.");
            }
            addClientCertificates(extractedFolderPath, apiProvider, preserveProvider, importedApi.getId().getProviderName(), organization);
        }
        // Change API lifecycle if state transition is required
        if (StringUtils.isNotEmpty(lifecycleAction)) {
            apiProvider = RestApiCommonUtil.getLoggedInUserProvider();
            log.info("Changing lifecycle from " + currentStatus + " to " + targetStatus);
            if (StringUtils.equals(lifecycleAction, APIConstants.LC_PUBLISH_LC_STATE)) {
                apiProvider.changeAPILCCheckListItems(importedApi.getId(), ImportExportConstants.REFER_REQUIRE_RE_SUBSCRIPTION_CHECK_ITEM, true);
            }
            apiProvider.changeLifeCycleStatus(currentTenantDomain, new ApiTypeWrapper(importedApi), lifecycleAction, new HashMap<>());
        }
        importedApi.setStatus(targetStatus);
        String tenantDomain = RestApiCommonUtil.getLoggedInUserTenantDomain();
        if (deploymentInfoArray == null && !isAdvertiseOnlyAPI(importedApiDTO)) {
            // If the params have not overwritten the deployment environments, yaml file will be read
            deploymentInfoArray = retrieveDeploymentLabelsFromArchive(extractedFolderPath, dependentAPIFromProduct);
        }
        List<APIRevisionDeployment> apiRevisionDeployments = getValidatedDeploymentsList(deploymentInfoArray, tenantDomain, apiProvider, organization);
        if (apiRevisionDeployments.size() > 0) {
            String importedAPIUuid = importedApi.getUuid();
            String revisionId;
            APIRevision apiRevision = new APIRevision();
            apiRevision.setApiUUID(importedAPIUuid);
            apiRevision.setDescription("Revision created after importing the API");
            try {
                revisionId = apiProvider.addAPIRevision(apiRevision, tenantDomain);
                if (log.isDebugEnabled()) {
                    log.debug("A new revision has been created for API " + importedApi.getId().getApiName() + "_" + importedApi.getId().getVersion());
                }
            } catch (APIManagementException e) {
                // enabled, earliest revision will be deleted before creating a revision again
                if (e.getErrorHandler().getErrorCode() == ExceptionCodes.from(ExceptionCodes.MAXIMUM_REVISIONS_REACHED).getErrorCode() && rotateRevision) {
                    String earliestRevisionUuid = apiProvider.getEarliestRevisionUUID(importedAPIUuid);
                    List<APIRevisionDeployment> deploymentsList = apiProvider.getAPIRevisionDeploymentList(earliestRevisionUuid);
                    // if the earliest revision is already deployed in gateway environments, it will be undeployed
                    // before deleting
                    apiProvider.undeployAPIRevisionDeployment(importedAPIUuid, earliestRevisionUuid, deploymentsList, organization);
                    apiProvider.deleteAPIRevision(importedAPIUuid, earliestRevisionUuid, tenantDomain);
                    revisionId = apiProvider.addAPIRevision(apiRevision, tenantDomain);
                    if (log.isDebugEnabled()) {
                        log.debug("Revision ID: " + earliestRevisionUuid + " has been undeployed from " + deploymentsList.size() + " gateway environments and created a new revision ID: " + revisionId + " for API " + importedApi.getId().getApiName() + "_" + importedApi.getId().getVersion());
                    }
                } else {
                    throw new APIManagementException("Error occurred while creating a new revision for the API: " + importedApi.getId().getApiName(), e);
                }
            }
            // Once the new revision successfully created, artifacts will be deployed in mentioned gateway
            // environments
            apiProvider.deployAPIRevision(importedAPIUuid, revisionId, apiRevisionDeployments, organization);
            if (log.isDebugEnabled()) {
                log.debug("API: " + importedApi.getId().getApiName() + "_" + importedApi.getId().getVersion() + " was deployed in " + apiRevisionDeployments.size() + " gateway environments.");
            }
        } else {
            log.info("Valid deployment environments were not found for the imported artifact. Only working copy " + "was updated and not deployed in any of the gateway environments.");
        }
        return importedApi;
    } catch (CryptoException | IOException e) {
        throw new APIManagementException("Error while reading API meta information from path: " + extractedFolderPath, e, ExceptionCodes.ERROR_READING_META_DATA);
    } catch (FaultGatewaysException e) {
        throw new APIManagementException("Error while updating API: " + importedApi.getId().getApiName(), e);
    } catch (APIMgtAuthorizationFailedException e) {
        throw new APIManagementException("Please enable preserveProvider property for cross tenant API Import.", e, ExceptionCodes.TENANT_MISMATCH);
    } catch (ParseException e) {
        throw new APIManagementException("Error while parsing the endpoint configuration of the API", ExceptionCodes.JSON_PARSE_ERROR);
    } catch (APIManagementException e) {
        String errorMessage = "Error while importing API: ";
        if (importedApi != null) {
            errorMessage += importedApi.getId().getApiName() + StringUtils.SPACE + APIConstants.API_DATA_VERSION + ": " + importedApi.getId().getVersion();
        }
        throw new APIManagementException(errorMessage + StringUtils.SPACE + e.getMessage(), e);
    }
}
Also used : ApiTypeWrapper(org.wso2.carbon.apimgt.api.model.ApiTypeWrapper) APIMgtAuthorizationFailedException(org.wso2.carbon.apimgt.api.APIMgtAuthorizationFailedException) JsonObject(com.google.gson.JsonObject) Gson(com.google.gson.Gson) APIRevisionDeployment(org.wso2.carbon.apimgt.api.model.APIRevisionDeployment) APIProvider(org.wso2.carbon.apimgt.api.APIProvider) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) ArrayList(java.util.ArrayList) List(java.util.List) NodeList(org.w3c.dom.NodeList) GraphqlComplexityInfo(org.wso2.carbon.apimgt.api.model.graphql.queryanalysis.GraphqlComplexityInfo) APIRevision(org.wso2.carbon.apimgt.api.model.APIRevision) FaultGatewaysException(org.wso2.carbon.apimgt.api.FaultGatewaysException) IOException(java.io.IOException) APIDefinitionValidationResponse(org.wso2.carbon.apimgt.api.APIDefinitionValidationResponse) JsonArray(com.google.gson.JsonArray) APIDTO(org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIDTO) ProductAPIDTO(org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.ProductAPIDTO) JsonElement(com.google.gson.JsonElement) API(org.wso2.carbon.apimgt.api.model.API) JsonParseException(com.google.gson.JsonParseException) ParseException(org.json.simple.parser.ParseException) CryptoException(org.wso2.carbon.core.util.CryptoException)

Example 12 with OperationPolicy

use of org.wso2.carbon.apimgt.api.model.OperationPolicy in project carbon-apimgt by wso2.

the class ImportUtils method validateOperationPolicies.

public static Set<URITemplate> validateOperationPolicies(API api, APIProvider provider, String extractedFolderPath, Map<String, List<OperationPolicy>> extractedPoliciesMap, String tenantDomain) {
    String policyDirectory = extractedFolderPath + File.separator + ImportExportConstants.POLICIES_DIRECTORY;
    Set<URITemplate> uriTemplates = api.getUriTemplates();
    for (URITemplate uriTemplate : uriTemplates) {
        String key = uriTemplate.getHTTPVerb() + ":" + uriTemplate.getUriTemplate();
        if (extractedPoliciesMap.containsKey(key)) {
            List<OperationPolicy> operationPolicies = extractedPoliciesMap.get(key);
            List<OperationPolicy> validatedOperationPolicies = new ArrayList<>();
            if (operationPolicies != null && !operationPolicies.isEmpty()) {
                for (OperationPolicy policy : operationPolicies) {
                    try {
                        OperationPolicySpecification policySpec = getOperationPolicySpecificationFromFile(policyDirectory, policy.getPolicyName());
                        OperationPolicyData operationPolicyData = new OperationPolicyData();
                        operationPolicyData.setSpecification(policySpec);
                        operationPolicyData.setOrganization(tenantDomain);
                        operationPolicyData.setApiUUID(api.getUuid());
                        OperationPolicyDefinition synapseDefinition = APIUtil.getOperationPolicyDefinitionFromFile(policyDirectory, policy.getPolicyName(), APIConstants.SYNAPSE_POLICY_DEFINITION_EXTENSION);
                        if (synapseDefinition != null) {
                            synapseDefinition.setGatewayType(OperationPolicyDefinition.GatewayType.Synapse);
                            operationPolicyData.setSynapsePolicyDefinition(synapseDefinition);
                        }
                        OperationPolicyDefinition ccDefinition = APIUtil.getOperationPolicyDefinitionFromFile(policyDirectory, policy.getPolicyName(), APIConstants.CC_POLICY_DEFINITION_EXTENSION);
                        if (ccDefinition != null) {
                            ccDefinition.setGatewayType(OperationPolicyDefinition.GatewayType.ChoreoConnect);
                            operationPolicyData.setCcPolicyDefinition(ccDefinition);
                        }
                        operationPolicyData.setMd5Hash(APIUtil.getMd5OfOperationPolicy(operationPolicyData));
                        String policyID = provider.importOperationPolicy(operationPolicyData, tenantDomain);
                        policy.setPolicyId(policyID);
                        validatedOperationPolicies.add(policy);
                    } catch (APIManagementException e) {
                        log.error(e);
                    }
                }
            }
            uriTemplate.setOperationPolicies(validatedOperationPolicies);
        }
    }
    return uriTemplates;
}
Also used : OperationPolicyData(org.wso2.carbon.apimgt.api.model.OperationPolicyData) OperationPolicyDefinition(org.wso2.carbon.apimgt.api.model.OperationPolicyDefinition) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) OperationPolicy(org.wso2.carbon.apimgt.api.model.OperationPolicy) URITemplate(org.wso2.carbon.apimgt.api.model.URITemplate) ArrayList(java.util.ArrayList) OperationPolicySpecification(org.wso2.carbon.apimgt.api.model.OperationPolicySpecification)

Example 13 with OperationPolicy

use of org.wso2.carbon.apimgt.api.model.OperationPolicy in project carbon-apimgt by wso2.

the class PublisherCommonUtils method updateApi.

/**
 * Update an API.
 *
 * @param originalAPI    Existing API
 * @param apiDtoToUpdate New API DTO to update
 * @param apiProvider    API Provider
 * @param tokenScopes    Scopes of the token
 * @throws ParseException         If an error occurs while parsing the endpoint configuration
 * @throws CryptoException        If an error occurs while encrypting the secret key of API
 * @throws APIManagementException If an error occurs while updating the API
 * @throws FaultGatewaysException If an error occurs while updating manage of an existing API
 */
public static API updateApi(API originalAPI, APIDTO apiDtoToUpdate, APIProvider apiProvider, String[] tokenScopes) throws ParseException, CryptoException, APIManagementException, FaultGatewaysException {
    APIIdentifier apiIdentifier = originalAPI.getId();
    // Validate if the USER_REST_API_SCOPES is not set in WebAppAuthenticator when scopes are validated
    if (tokenScopes == null) {
        throw new APIManagementException("Error occurred while updating the  API " + originalAPI.getUUID() + " as the token information hasn't been correctly set internally", ExceptionCodes.TOKEN_SCOPES_NOT_SET);
    }
    boolean isGraphql = originalAPI.getType() != null && APIConstants.APITransportType.GRAPHQL.toString().equals(originalAPI.getType());
    boolean isAsyncAPI = originalAPI.getType() != null && (APIConstants.APITransportType.WS.toString().equals(originalAPI.getType()) || APIConstants.APITransportType.WEBSUB.toString().equals(originalAPI.getType()) || APIConstants.APITransportType.SSE.toString().equals(originalAPI.getType()) || APIConstants.APITransportType.ASYNC.toString().equals(originalAPI.getType()));
    Scope[] apiDtoClassAnnotatedScopes = APIDTO.class.getAnnotationsByType(Scope.class);
    boolean hasClassLevelScope = checkClassScopeAnnotation(apiDtoClassAnnotatedScopes, tokenScopes);
    JSONParser parser = new JSONParser();
    String oldEndpointConfigString = originalAPI.getEndpointConfig();
    JSONObject oldEndpointConfig = null;
    if (StringUtils.isNotBlank(oldEndpointConfigString)) {
        oldEndpointConfig = (JSONObject) parser.parse(oldEndpointConfigString);
    }
    String oldProductionApiSecret = null;
    String oldSandboxApiSecret = null;
    if (oldEndpointConfig != null) {
        if ((oldEndpointConfig.containsKey(APIConstants.ENDPOINT_SECURITY))) {
            JSONObject oldEndpointSecurity = (JSONObject) oldEndpointConfig.get(APIConstants.ENDPOINT_SECURITY);
            if (oldEndpointSecurity.containsKey(APIConstants.OAuthConstants.ENDPOINT_SECURITY_PRODUCTION)) {
                JSONObject oldEndpointSecurityProduction = (JSONObject) oldEndpointSecurity.get(APIConstants.OAuthConstants.ENDPOINT_SECURITY_PRODUCTION);
                if (oldEndpointSecurityProduction.get(APIConstants.OAuthConstants.OAUTH_CLIENT_ID) != null && oldEndpointSecurityProduction.get(APIConstants.OAuthConstants.OAUTH_CLIENT_SECRET) != null) {
                    oldProductionApiSecret = oldEndpointSecurityProduction.get(APIConstants.OAuthConstants.OAUTH_CLIENT_SECRET).toString();
                }
            }
            if (oldEndpointSecurity.containsKey(APIConstants.OAuthConstants.ENDPOINT_SECURITY_SANDBOX)) {
                JSONObject oldEndpointSecuritySandbox = (JSONObject) oldEndpointSecurity.get(APIConstants.OAuthConstants.ENDPOINT_SECURITY_SANDBOX);
                if (oldEndpointSecuritySandbox.get(APIConstants.OAuthConstants.OAUTH_CLIENT_ID) != null && oldEndpointSecuritySandbox.get(APIConstants.OAuthConstants.OAUTH_CLIENT_SECRET) != null) {
                    oldSandboxApiSecret = oldEndpointSecuritySandbox.get(APIConstants.OAuthConstants.OAUTH_CLIENT_SECRET).toString();
                }
            }
        }
    }
    Map endpointConfig = (Map) apiDtoToUpdate.getEndpointConfig();
    CryptoUtil cryptoUtil = CryptoUtil.getDefaultCryptoUtil();
    // OAuth 2.0 backend protection: API Key and API Secret encryption
    encryptEndpointSecurityOAuthCredentials(endpointConfig, cryptoUtil, oldProductionApiSecret, oldSandboxApiSecret, apiDtoToUpdate);
    // AWS Lambda: secret key encryption while updating the API
    if (apiDtoToUpdate.getEndpointConfig() != null) {
        if (endpointConfig.containsKey(APIConstants.AMZN_SECRET_KEY)) {
            String secretKey = (String) endpointConfig.get(APIConstants.AMZN_SECRET_KEY);
            if (!StringUtils.isEmpty(secretKey)) {
                if (!APIConstants.AWS_SECRET_KEY.equals(secretKey)) {
                    String encryptedSecretKey = cryptoUtil.encryptAndBase64Encode(secretKey.getBytes());
                    endpointConfig.put(APIConstants.AMZN_SECRET_KEY, encryptedSecretKey);
                    apiDtoToUpdate.setEndpointConfig(endpointConfig);
                } else {
                    JSONParser jsonParser = new JSONParser();
                    JSONObject originalEndpointConfig = (JSONObject) jsonParser.parse(originalAPI.getEndpointConfig());
                    String encryptedSecretKey = (String) originalEndpointConfig.get(APIConstants.AMZN_SECRET_KEY);
                    endpointConfig.put(APIConstants.AMZN_SECRET_KEY, encryptedSecretKey);
                    apiDtoToUpdate.setEndpointConfig(endpointConfig);
                }
            }
        }
    }
    if (!hasClassLevelScope) {
        // Validate per-field scopes
        apiDtoToUpdate = getFieldOverriddenAPIDTO(apiDtoToUpdate, originalAPI, tokenScopes);
    }
    // API Name change not allowed if OnPrem
    if (APIUtil.isOnPremResolver()) {
        apiDtoToUpdate.setName(apiIdentifier.getApiName());
    }
    apiDtoToUpdate.setVersion(apiIdentifier.getVersion());
    apiDtoToUpdate.setProvider(apiIdentifier.getProviderName());
    apiDtoToUpdate.setContext(originalAPI.getContextTemplate());
    apiDtoToUpdate.setLifeCycleStatus(originalAPI.getStatus());
    apiDtoToUpdate.setType(APIDTO.TypeEnum.fromValue(originalAPI.getType()));
    List<APIResource> removedProductResources = getRemovedProductResources(apiDtoToUpdate, originalAPI);
    if (!removedProductResources.isEmpty()) {
        throw new APIManagementException("Cannot remove following resource paths " + removedProductResources.toString() + " because they are used by one or more API Products", ExceptionCodes.from(ExceptionCodes.API_PRODUCT_USED_RESOURCES, originalAPI.getId().getApiName(), originalAPI.getId().getVersion()));
    }
    // Validate API Security
    List<String> apiSecurity = apiDtoToUpdate.getSecurityScheme();
    // validation for tiers
    List<String> tiersFromDTO = apiDtoToUpdate.getPolicies();
    String originalStatus = originalAPI.getStatus();
    if (apiSecurity.contains(APIConstants.DEFAULT_API_SECURITY_OAUTH2) || apiSecurity.contains(APIConstants.API_SECURITY_API_KEY)) {
        if ((tiersFromDTO == null || tiersFromDTO.isEmpty() && !(APIConstants.CREATED.equals(originalStatus) || APIConstants.PROTOTYPED.equals(originalStatus))) && !apiDtoToUpdate.getAdvertiseInfo().isAdvertised()) {
            throw new APIManagementException("A tier should be defined if the API is not in CREATED or PROTOTYPED state", ExceptionCodes.TIER_CANNOT_BE_NULL);
        }
    }
    if (tiersFromDTO != null && !tiersFromDTO.isEmpty()) {
        // check whether the added API's tiers are all valid
        Set<Tier> definedTiers = apiProvider.getTiers();
        List<String> invalidTiers = getInvalidTierNames(definedTiers, tiersFromDTO);
        if (invalidTiers.size() > 0) {
            throw new APIManagementException("Specified tier(s) " + Arrays.toString(invalidTiers.toArray()) + " are invalid", ExceptionCodes.TIER_NAME_INVALID);
        }
    }
    if (apiDtoToUpdate.getAccessControlRoles() != null) {
        String errorMessage = validateUserRoles(apiDtoToUpdate.getAccessControlRoles());
        if (!errorMessage.isEmpty()) {
            throw new APIManagementException(errorMessage, ExceptionCodes.INVALID_USER_ROLES);
        }
    }
    if (apiDtoToUpdate.getVisibleRoles() != null) {
        String errorMessage = validateRoles(apiDtoToUpdate.getVisibleRoles());
        if (!errorMessage.isEmpty()) {
            throw new APIManagementException(errorMessage, ExceptionCodes.INVALID_USER_ROLES);
        }
    }
    if (apiDtoToUpdate.getAdditionalProperties() != null) {
        String errorMessage = validateAdditionalProperties(apiDtoToUpdate.getAdditionalProperties());
        if (!errorMessage.isEmpty()) {
            throw new APIManagementException(errorMessage, ExceptionCodes.from(ExceptionCodes.INVALID_ADDITIONAL_PROPERTIES, apiDtoToUpdate.getName(), apiDtoToUpdate.getVersion()));
        }
    }
    // Validate if resources are empty
    if (apiDtoToUpdate.getOperations() == null || apiDtoToUpdate.getOperations().isEmpty()) {
        throw new APIManagementException(ExceptionCodes.NO_RESOURCES_FOUND);
    }
    API apiToUpdate = APIMappingUtil.fromDTOtoAPI(apiDtoToUpdate, apiIdentifier.getProviderName());
    if (APIConstants.PUBLIC_STORE_VISIBILITY.equals(apiToUpdate.getVisibility())) {
        apiToUpdate.setVisibleRoles(StringUtils.EMPTY);
    }
    apiToUpdate.setUUID(originalAPI.getUUID());
    apiToUpdate.setOrganization(originalAPI.getOrganization());
    validateScopes(apiToUpdate);
    apiToUpdate.setThumbnailUrl(originalAPI.getThumbnailUrl());
    if (apiDtoToUpdate.getKeyManagers() instanceof List) {
        apiToUpdate.setKeyManagers((List<String>) apiDtoToUpdate.getKeyManagers());
    } else {
        apiToUpdate.setKeyManagers(Collections.singletonList(APIConstants.KeyManager.API_LEVEL_ALL_KEY_MANAGERS));
    }
    if (!isAsyncAPI) {
        String oldDefinition = apiProvider.getOpenAPIDefinition(apiToUpdate.getUuid(), originalAPI.getOrganization());
        APIDefinition apiDefinition = OASParserUtil.getOASParser(oldDefinition);
        SwaggerData swaggerData = new SwaggerData(apiToUpdate);
        String newDefinition = apiDefinition.generateAPIDefinition(swaggerData, oldDefinition);
        apiProvider.saveSwaggerDefinition(apiToUpdate, newDefinition, originalAPI.getOrganization());
        if (!isGraphql) {
            Set<URITemplate> uriTemplates = apiDefinition.getURITemplates(newDefinition);
            // set operation policies from the original API Payload
            Set<URITemplate> uriTemplatesFromPayload = apiToUpdate.getUriTemplates();
            Map<String, List<OperationPolicy>> operationPoliciesPerURITemplate = new HashMap<>();
            for (URITemplate uriTemplate : uriTemplatesFromPayload) {
                if (!uriTemplate.getOperationPolicies().isEmpty()) {
                    String key = uriTemplate.getHTTPVerb() + ":" + uriTemplate.getUriTemplate();
                    operationPoliciesPerURITemplate.put(key, uriTemplate.getOperationPolicies());
                }
            }
            for (URITemplate uriTemplate : uriTemplates) {
                String key = uriTemplate.getHTTPVerb() + ":" + uriTemplate.getUriTemplate();
                if (operationPoliciesPerURITemplate.containsKey(key)) {
                    uriTemplate.setOperationPolicies(operationPoliciesPerURITemplate.get(key));
                }
            }
            apiToUpdate.setUriTemplates(uriTemplates);
        }
    } else {
        String oldDefinition = apiProvider.getAsyncAPIDefinition(apiToUpdate.getUuid(), originalAPI.getOrganization());
        AsyncApiParser asyncApiParser = new AsyncApiParser();
        String updateAsyncAPIDefinition = asyncApiParser.updateAsyncAPIDefinition(oldDefinition, apiToUpdate);
        apiProvider.saveAsyncApiDefinition(originalAPI, updateAsyncAPIDefinition);
    }
    apiToUpdate.setWsdlUrl(apiDtoToUpdate.getWsdlUrl());
    // validate API categories
    List<APICategory> apiCategories = apiToUpdate.getApiCategories();
    List<APICategory> apiCategoriesList = new ArrayList<>();
    for (APICategory category : apiCategories) {
        category.setOrganization(originalAPI.getOrganization());
        apiCategoriesList.add(category);
    }
    apiToUpdate.setApiCategories(apiCategoriesList);
    if (apiCategoriesList.size() > 0) {
        if (!APIUtil.validateAPICategories(apiCategoriesList, originalAPI.getOrganization())) {
            throw new APIManagementException("Invalid API Category name(s) defined", ExceptionCodes.from(ExceptionCodes.API_CATEGORY_INVALID));
        }
    }
    apiToUpdate.setOrganization(originalAPI.getOrganization());
    apiProvider.updateAPI(apiToUpdate, originalAPI);
    return apiProvider.getAPIbyUUID(originalAPI.getUuid(), originalAPI.getOrganization());
// TODO use returend api
}
Also used : HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) SwaggerData(org.wso2.carbon.apimgt.api.model.SwaggerData) ArrayList(java.util.ArrayList) CryptoUtil(org.wso2.carbon.core.util.CryptoUtil) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) APIIdentifier(org.wso2.carbon.apimgt.api.model.APIIdentifier) List(java.util.List) ArrayList(java.util.ArrayList) Tier(org.wso2.carbon.apimgt.api.model.Tier) APIResource(org.wso2.carbon.apimgt.api.doc.model.APIResource) URITemplate(org.wso2.carbon.apimgt.api.model.URITemplate) AsyncApiParser(org.wso2.carbon.apimgt.impl.definitions.AsyncApiParser) Scope(org.wso2.carbon.apimgt.rest.api.common.annotations.Scope) JSONObject(org.json.simple.JSONObject) APIDefinition(org.wso2.carbon.apimgt.api.APIDefinition) JSONParser(org.json.simple.parser.JSONParser) API(org.wso2.carbon.apimgt.api.model.API) Map(java.util.Map) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) APICategory(org.wso2.carbon.apimgt.api.model.APICategory)

Example 14 with OperationPolicy

use of org.wso2.carbon.apimgt.api.model.OperationPolicy in project carbon-apimgt by wso2.

the class ApiMgtDAO method addURITemplates.

/**
 * Add URI Templates to database with resource scope mappings by passing the DB connection.
 *
 * @param apiId      API Id
 * @param api        API
 * @param tenantId   tenant Id
 * @param connection Existing DB Connection
 * @throws SQLException If a SQL error occurs while adding URI Templates
 */
private void addURITemplates(int apiId, API api, int tenantId, Connection connection) throws SQLException, APIManagementException {
    String dbProductName = connection.getMetaData().getDatabaseProductName();
    String tenantDomain = APIUtil.getTenantDomainFromTenantId(tenantId);
    try (PreparedStatement uriMappingPrepStmt = connection.prepareStatement(SQLConstants.ADD_URL_MAPPING_SQL, new String[] { DBUtils.getConvertedAutoGeneratedColumnName(dbProductName, "URL_MAPPING_ID") });
        PreparedStatement uriScopeMappingPrepStmt = connection.prepareStatement(SQLConstants.ADD_API_RESOURCE_SCOPE_MAPPING);
        PreparedStatement operationPolicyMappingPrepStmt = connection.prepareStatement(SQLConstants.OperationPolicyConstants.ADD_API_OPERATION_POLICY_MAPPING)) {
        Map<String, String> updatedPoliciesMap = new HashMap<>();
        Set<String> usedClonedPolicies = new HashSet<String>();
        for (URITemplate uriTemplate : api.getUriTemplates()) {
            uriMappingPrepStmt.setInt(1, apiId);
            uriMappingPrepStmt.setString(2, uriTemplate.getHTTPVerb());
            uriMappingPrepStmt.setString(3, uriTemplate.getAuthType());
            uriMappingPrepStmt.setString(4, uriTemplate.getUriTemplate());
            // If API policy is available then set it for all the resources.
            if (StringUtils.isEmpty(api.getApiLevelPolicy())) {
                uriMappingPrepStmt.setString(5, (StringUtils.isEmpty(uriTemplate.getThrottlingTier())) ? APIConstants.UNLIMITED_TIER : uriTemplate.getThrottlingTier());
            } else {
                uriMappingPrepStmt.setString(5, (StringUtils.isEmpty(api.getApiLevelPolicy())) ? APIConstants.UNLIMITED_TIER : api.getApiLevelPolicy());
            }
            InputStream is = null;
            if (uriTemplate.getMediationScript() != null) {
                is = new ByteArrayInputStream(uriTemplate.getMediationScript().getBytes(Charset.defaultCharset()));
            }
            if (connection.getMetaData().getDriverName().contains("PostgreSQL") || connection.getMetaData().getDatabaseProductName().contains("DB2")) {
                if (uriTemplate.getMediationScript() != null) {
                    uriMappingPrepStmt.setBinaryStream(6, is, uriTemplate.getMediationScript().getBytes(Charset.defaultCharset()).length);
                } else {
                    uriMappingPrepStmt.setBinaryStream(6, is, 0);
                }
            } else {
                uriMappingPrepStmt.setBinaryStream(6, is);
            }
            uriMappingPrepStmt.execute();
            int uriMappingId = -1;
            try (ResultSet resultIdSet = uriMappingPrepStmt.getGeneratedKeys()) {
                while (resultIdSet.next()) {
                    uriMappingId = resultIdSet.getInt(1);
                }
            }
            if (uriMappingId != -1) {
                for (Scope uriTemplateScope : uriTemplate.retrieveAllScopes()) {
                    String scopeKey = uriTemplateScope.getKey();
                    if (log.isDebugEnabled()) {
                        log.debug("Adding scope to resource mapping for scope key: " + scopeKey + " and URL mapping Id: " + uriMappingId);
                    }
                    uriScopeMappingPrepStmt.setString(1, scopeKey);
                    uriScopeMappingPrepStmt.setInt(2, uriMappingId);
                    uriScopeMappingPrepStmt.setInt(3, tenantId);
                    uriScopeMappingPrepStmt.addBatch();
                }
                if (uriTemplate.getOperationPolicies() != null) {
                    for (OperationPolicy policy : uriTemplate.getOperationPolicies()) {
                        if (!updatedPoliciesMap.keySet().contains(policy.getPolicyId())) {
                            OperationPolicyData existingPolicy = getAPISpecificOperationPolicyByPolicyID(policy.getPolicyId(), api.getUuid(), tenantDomain, false);
                            String clonedPolicyId = policy.getPolicyId();
                            if (existingPolicy != null) {
                                if (existingPolicy.isClonedPolicy()) {
                                    usedClonedPolicies.add(clonedPolicyId);
                                }
                            } else {
                                // Even though the policy ID attached is not in the API specific policy list,
                                // it can be a common policy and we need to verify that it has not been previously cloned
                                // for the API before cloning again.
                                clonedPolicyId = getClonedPolicyIdForCommonPolicyId(connection, policy.getPolicyId(), api.getUuid());
                                if (clonedPolicyId == null) {
                                    clonedPolicyId = cloneOperationPolicy(connection, policy.getPolicyId(), api.getUuid(), null);
                                }
                                usedClonedPolicies.add(clonedPolicyId);
                            // usedClonedPolicies set will not contain used API specific policies that are not cloned.
                            // TODO: discuss whether we need to clone API specific policies as well
                            }
                            // Updated policies map will record the updated policy ID for the used policy ID.
                            // If the policy has been cloned to the API specific policy list, we need to use the
                            // updated policy Id.
                            updatedPoliciesMap.put(policy.getPolicyId(), clonedPolicyId);
                        }
                        Gson gson = new Gson();
                        String paramJSON = gson.toJson(policy.getParameters());
                        if (log.isDebugEnabled()) {
                            log.debug("Adding operation policy " + policy.getPolicyName() + " for API " + api.getId().getApiName() + " to URL mapping Id " + uriMappingId);
                        }
                        operationPolicyMappingPrepStmt.setInt(1, uriMappingId);
                        operationPolicyMappingPrepStmt.setString(2, updatedPoliciesMap.get(policy.getPolicyId()));
                        operationPolicyMappingPrepStmt.setString(3, policy.getDirection());
                        operationPolicyMappingPrepStmt.setString(4, paramJSON);
                        operationPolicyMappingPrepStmt.setInt(5, policy.getOrder());
                        operationPolicyMappingPrepStmt.addBatch();
                    }
                }
            }
            uriTemplate.setId(uriMappingId);
        }
        // end URITemplate list iteration
        uriScopeMappingPrepStmt.executeBatch();
        operationPolicyMappingPrepStmt.executeBatch();
        cleanUnusedClonedOperationPolicies(connection, usedClonedPolicies, api.getUuid());
    }
}
Also used : LinkedHashMap(java.util.LinkedHashMap) HashMap(java.util.HashMap) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) URITemplate(org.wso2.carbon.apimgt.api.model.URITemplate) Gson(com.google.gson.Gson) PreparedStatement(java.sql.PreparedStatement) OperationPolicyData(org.wso2.carbon.apimgt.api.model.OperationPolicyData) Scope(org.wso2.carbon.apimgt.api.model.Scope) ByteArrayInputStream(java.io.ByteArrayInputStream) OperationPolicy(org.wso2.carbon.apimgt.api.model.OperationPolicy) ResultSet(java.sql.ResultSet) LinkedHashSet(java.util.LinkedHashSet) HashSet(java.util.HashSet)

Example 15 with OperationPolicy

use of org.wso2.carbon.apimgt.api.model.OperationPolicy in project carbon-apimgt by wso2.

the class OperationPolicyMappingUtil method fromOperationPolicyListToDTO.

public static APIOperationPoliciesDTO fromOperationPolicyListToDTO(List<OperationPolicy> operationPolicyList) {
    APIOperationPoliciesDTO dto = new APIOperationPoliciesDTO();
    List<OperationPolicyDTO> request = new ArrayList<>();
    List<OperationPolicyDTO> response = new ArrayList<>();
    List<OperationPolicyDTO> fault = new ArrayList<>();
    for (OperationPolicy op : operationPolicyList) {
        OperationPolicyDTO policyDTO = fromOperationPolicyToDTO(op);
        if (APIConstants.OPERATION_SEQUENCE_TYPE_REQUEST.equals(op.getDirection())) {
            request.add(policyDTO);
        } else if (APIConstants.OPERATION_SEQUENCE_TYPE_RESPONSE.equals(op.getDirection())) {
            response.add(policyDTO);
        } else if (APIConstants.OPERATION_SEQUENCE_TYPE_FAULT.equals(op.getDirection())) {
            fault.add(policyDTO);
        }
    }
    dto.setRequest(request);
    dto.setResponse(response);
    dto.setFault(fault);
    return dto;
}
Also used : APIOperationPoliciesDTO(org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIOperationPoliciesDTO) OperationPolicyDTO(org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.OperationPolicyDTO) OperationPolicy(org.wso2.carbon.apimgt.api.model.OperationPolicy) ArrayList(java.util.ArrayList)

Aggregations

OperationPolicy (org.wso2.carbon.apimgt.api.model.OperationPolicy)28 ArrayList (java.util.ArrayList)21 URITemplate (org.wso2.carbon.apimgt.api.model.URITemplate)20 HashMap (java.util.HashMap)16 PreparedStatement (java.sql.PreparedStatement)13 ResultSet (java.sql.ResultSet)12 Connection (java.sql.Connection)11 Gson (com.google.gson.Gson)9 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)9 SQLException (java.sql.SQLException)8 LinkedHashMap (java.util.LinkedHashMap)8 List (java.util.List)8 ByteArrayInputStream (java.io.ByteArrayInputStream)7 InputStream (java.io.InputStream)7 OperationPolicyData (org.wso2.carbon.apimgt.api.model.OperationPolicyData)7 Scope (org.wso2.carbon.apimgt.api.model.Scope)7 HashSet (java.util.HashSet)6 LinkedHashSet (java.util.LinkedHashSet)6 APIIdentifier (org.wso2.carbon.apimgt.api.model.APIIdentifier)6 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)5