
Example 56 with Scope

use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.

the class APIConsumerImpl method getAllowedScopesForUserApplication.

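/**
 * Filters the requested scopes down to those the user is entitled to through role membership.
 *
 * <p>A requested scope is authorized only when it carries a non-empty, comma-separated role list
 * and the user holds at least one of those roles. Scopes without any role binding are never added
 * by this method. NOTE(review): presumably the caller decides what to do with unbound scopes;
 * confirm against the caller.
 *
 * <p>Role names are compared case-insensitively unless the system property named by
 * {@code PRESERVED_CASE_SENSITIVE_VARIABLE} is explicitly true. Case folding uses
 * {@code Locale.ROOT} so the authorization decision does not vary with the JVM default locale
 * (for example the dotless-i mapping of Turkish locales).
 *
 * <p>If the user's roles cannot be read from the user store, the error is logged and the user is
 * treated as having no roles, so no scope is authorized (the check fails closed).
 *
 * @param username    user name; the tenant domain and the tenant-aware user name are derived from it
 * @param reqScopeSet scopes requested for the application
 * @return the requested scopes for which the user holds at least one bound role; possibly empty
 */
private static List<Scope> getAllowedScopesForUserApplication(String username, Set<Scope> reqScopeSet) {
    String preservedCaseSensitiveValue = System.getProperty(PRESERVED_CASE_SENSITIVE_VARIABLE);
    boolean preservedCaseSensitive = JavaUtils.isTrueExplicitly(preservedCaseSensitiveValue);
    List<Scope> authorizedScopes = new ArrayList<>();
    String[] userRoles = null;
    try {
        // Resolve the realm service once and reuse it for both the tenant and the user-store lookup.
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
        int tenantId = realmService.getTenantManager().getTenantId(MultitenantUtils.getTenantDomain(username));
        org.wso2.carbon.user.api.UserStoreManager userStoreManager =
                realmService.getTenantUserRealm(tenantId).getUserStoreManager();
        userRoles = userStoreManager.getRoleListOfUser(MultitenantUtils.getTenantAwareUsername(username));
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        // Only log: token issuance must not be aborted by a scope validation failure. userRoles
        // stays null, so the role list below is empty and no role-bound scope is granted.
        log.error("Error when getting the tenant's UserStoreManager or when getting roles of user ", e);
    }
    List<String> userRoleList;
    if (userRoles == null) {
        userRoleList = Collections.emptyList();
    } else if (preservedCaseSensitive) {
        userRoleList = Arrays.asList(userRoles);
    } else {
        userRoleList = new ArrayList<>(userRoles.length);
        for (String userRole : userRoles) {
            // Locale-independent folding; the scope roles below are folded the same way.
            userRoleList.add(userRole.toLowerCase(java.util.Locale.ROOT));
        }
    }
    for (Scope scope : reqScopeSet) {
        // Comma-separated roles bound to the requested scope.
        String roles = scope.getRoles();
        if (roles == null || roles.length() == 0) {
            // No role binding on this scope: it is not authorized by this method.
            continue;
        }
        List<String> roleList = new ArrayList<>();
        for (String scopeRole : roles.split(",")) {
            String trimmedRole = scopeRole.trim();
            roleList.add(preservedCaseSensitive ? trimmedRole : trimmedRole.toLowerCase(java.util.Locale.ROOT));
        }
        // Keep only the scope roles the user actually holds; one match is enough.
        roleList.retainAll(userRoleList);
        if (!roleList.isEmpty()) {
            authorizedScopes.add(scope);
        }
    }
    return authorizedScopes;
}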
Also used : UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) UserStoreException(org.wso2.carbon.user.api.UserStoreException) ArrayList(java.util.ArrayList) Scope(org.wso2.carbon.apimgt.api.model.Scope) RealmService(org.wso2.carbon.user.core.service.RealmService)

Example 57 with Scope

use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.

the class APIProviderImpl method updateAPIResources.

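/**
 * Update resources of the API including local scopes and resource to scope attachments.
 *
 * <p>The URI templates are first updated in the database, then the old local scopes are deleted and
 * the new ones registered, and finally every key manager configured for the tenant is asked to
 * update its resource-to-scope mappings.
 *
 * <p>A failure reported by an individual key manager is logged and not rethrown, so this method can
 * return normally while that key manager still holds the previous resource-scope mappings.
 * NOTE(review): nothing visible here retries or reconciles such a key manager; confirm that a
 * stale mapping cannot leave a resource without its intended scope restriction.
 *
 * @param api      API
 * @param tenantId Tenant Id
 * @throws APIManagementException If fails to update local scopes of the API.
 */
private void updateAPIResources(API api, int tenantId) throws APIManagementException {
    String tenantDomain = APIUtil.getTenantDomainFromTenantId(tenantId);
    APIIdentifier apiIdentifier = api.getId();
    // Get the new URI templates for the API
    Set<URITemplate> uriTemplates = api.getUriTemplates();
    // Get the existing local scope keys attached for the API
    Set<String> oldLocalScopeKeys = apiMgtDAO.getAllLocalScopeKeysForAPI(api.getUuid(), tenantId);
    // Get the existing URI templates for the API
    Set<URITemplate> oldURITemplates = apiMgtDAO.getURITemplatesOfAPI(api.getUuid());
    // Get the new local scope keys from URI templates
    Set<Scope> newLocalScopes = getScopesToRegisterFromURITemplates(api.getId().getApiName(),
            api.getOrganization(), uriTemplates);
    Set<String> newLocalScopeKeys = newLocalScopes.stream().map(Scope::getKey).collect(Collectors.toSet());
    // Get the existing versioned local scope keys attached for the API
    Set<String> oldVersionedLocalScopeKeys = apiMgtDAO.getVersionedLocalScopeKeysForAPI(api.getUuid(), tenantId);
    // Scopes that are shared with other versions of the API and are not part of the new scope set must
    // not be deleted: drop them from the old key set before it is sent to the key managers, so that
    // the other versioned APIs can keep using them. removeIf replaces the raw Iterator and its cast.
    oldLocalScopeKeys.removeIf(oldLocalScopeKey ->
            oldVersionedLocalScopeKeys.contains(oldLocalScopeKey) && !newLocalScopeKeys.contains(oldLocalScopeKey));
    apiMgtDAO.updateURITemplates(api, tenantId);
    if (log.isDebugEnabled()) {
        log.debug("Successfully updated the URI templates of API: " + apiIdentifier + " in the database");
    }
    // Update the resource scopes of the API in KM.
    // Need to remove the old local scopes and register new local scopes and, update the resource scope mappings
    // using the updated URI templates of the API.
    deleteScopes(oldLocalScopeKeys, tenantId);
    addScopes(newLocalScopes, tenantId);
    Map<String, KeyManagerDto> tenantKeyManagers = KeyManagerHolder.getTenantKeyManagers(tenantDomain);
    for (Map.Entry<String, KeyManagerDto> keyManagerDtoEntry : tenantKeyManagers.entrySet()) {
        KeyManager keyManager = keyManagerDtoEntry.getValue().getKeyManager();
        if (keyManager != null) {
            try {
                keyManager.updateResourceScopes(api, oldLocalScopeKeys, newLocalScopes, oldURITemplates,
                        uriTemplates);
                if (log.isDebugEnabled()) {
                    log.debug("Successfully updated the resource scopes of API: " + apiIdentifier + " in Key Manager " + keyManagerDtoEntry.getKey() + " .");
                }
            } catch (APIManagementException e) {
                // Best effort per key manager: log and continue with the remaining ones.
                log.error("Error while updating resource to scope attachment in Key Manager " + keyManagerDtoEntry.getKey(), e);
            }
        }
    }
}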
Also used : URITemplate(org.wso2.carbon.apimgt.api.model.URITemplate) KeyManagerDto(org.wso2.carbon.apimgt.impl.dto.KeyManagerDto) Scope(org.wso2.carbon.apimgt.api.model.Scope) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) Iterator(java.util.Iterator) APIIdentifier(org.wso2.carbon.apimgt.api.model.APIIdentifier) Map(java.util.Map) TreeMap(java.util.TreeMap) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)

Example 58 with Scope

use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.

the class APIProviderImpl method getAllSharedScopes.

/**
 * Lists the shared scopes of a tenant.
 *
 * <p>Each shared scope returned by {@code ApiMgtDAO} is matched by key against the scopes returned
 * by {@code scopesDAO} for the same tenant; on the first match its name, description and role
 * binding are overwritten with the values of the matching scope. A shared scope without a match
 * is returned as loaded.
 *
 * @param tenantDomain tenant domain
 * @return the shared scopes of the tenant
 * @throws APIManagementException if the scope list cannot be retrieved
 */
@Override
public List<Scope> getAllSharedScopes(String tenantDomain) throws APIManagementException {
    if (log.isDebugEnabled()) {
        log.debug("Retrieving all the shared scopes for tenant: " + tenantDomain);
    }
    // Shared scope entries for the tenant.
    List<Scope> sharedScopes = ApiMgtDAO.getInstance().getAllSharedScopes(tenantDomain);
    // Scope details (name, description, roles) held for the tenant.
    List<Scope> tenantScopes = scopesDAO.getScopes(APIUtil.getTenantIdFromTenantDomain(tenantDomain));
    for (Scope sharedScope : sharedScopes) {
        for (Scope candidate : tenantScopes) {
            if (!sharedScope.getKey().equals(candidate.getKey())) {
                continue;
            }
            // The role binding copied here is what callers of this method will see for the scope.
            sharedScope.setName(candidate.getName());
            sharedScope.setDescription(candidate.getDescription());
            sharedScope.setRoles(candidate.getRoles());
            // Only the first scope with this key is used.
            break;
        }
    }
    return sharedScopes;
}
Also used : Scope(org.wso2.carbon.apimgt.api.model.Scope)

Example 59 with Scope

use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.

the class APIProviderImpl method addScopes.

/**
 * Persists the given scopes and publishes one {@code SCOPE_CREATE} notification per scope.
 *
 * <p>Does nothing when {@code scopes} is {@code null}. The role list placed on the event is the
 * scope's comma-separated role string split on {@code ","} without trimming, so entries can carry
 * surrounding whitespace. NOTE(review): consumers that compare role names should trim them.
 *
 * <p>{@code tenantDomain} is neither a parameter nor a local of this method; it is resolved from
 * the enclosing class. NOTE(review): confirm it always corresponds to the {@code tenantId} argument.
 *
 * @param scopes   scopes to add; may be {@code null}
 * @param tenantId tenant id the scopes are stored under
 * @throws APIManagementException if the scopes cannot be stored or the notification fails
 */
private void addScopes(Set<Scope> scopes, int tenantId) throws APIManagementException {
    if (scopes == null) {
        return;
    }
    scopesDAO.addScopes(scopes, tenantId);
    for (Scope scope : scopes) {
        String eventId = UUID.randomUUID().toString();
        long timestamp = System.currentTimeMillis();
        ScopeEvent scopeEvent = new ScopeEvent(eventId, timestamp, APIConstants.EventType.SCOPE_CREATE.name(),
                tenantId, tenantDomain, scope.getKey(), scope.getName(), scope.getDescription());
        String roles = scope.getRoles();
        // Attach roles only when the role string holds something other than whitespace.
        if (StringUtils.isNotEmpty(roles) && !roles.trim().isEmpty()) {
            scopeEvent.setRoles(Arrays.asList(roles.split(",")));
        }
        APIUtil.sendNotification(scopeEvent, APIConstants.NotifierType.SCOPE.name());
    }
}
Also used : Scope(org.wso2.carbon.apimgt.api.model.Scope) ScopeEvent(org.wso2.carbon.apimgt.impl.notifier.events.ScopeEvent)

Example 60 with Scope

use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.

the class APIProviderImpl method addURITemplates.

/**
 * Stores the URI templates of the API and attaches its resource scopes in each key manager of the
 * tenant.
 *
 * <p>The templates are written to the database first. Every key manager configured for the tenant
 * is then asked to attach the resource scopes; an {@code APIManagementException} from a key manager
 * is logged and not rethrown, so the method can return normally while that key manager has no
 * attachment for the new resources. NOTE(review): confirm how such a key manager is brought back
 * in line, since the scope restriction of a resource depends on this attachment.
 *
 * @param apiId    API Id
 * @param api      API
 * @param tenantId Tenant Id
 * @throws APIManagementException if fails to add URI templates for the API
 */
private void addURITemplates(int apiId, API api, int tenantId) throws APIManagementException {
    String tenantDomain = APIUtil.getTenantDomainFromTenantId(tenantId);
    apiMgtDAO.addURITemplates(apiId, api, tenantId);
    Map<String, KeyManagerDto> keyManagersByName = KeyManagerHolder.getTenantKeyManagers(tenantDomain);
    for (Map.Entry<String, KeyManagerDto> entry : keyManagersByName.entrySet()) {
        KeyManager keyManager = entry.getValue().getKeyManager();
        if (keyManager == null) {
            // Nothing to call for this entry.
            continue;
        }
        try {
            keyManager.attachResourceScopes(api, api.getUriTemplates());
        } catch (APIManagementException e) {
            // Best effort per key manager: log and move on to the next one.
            log.error("Error while Attaching Resource to scope in Key Manager " + entry.getKey(), e);
        }
    }
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) KeyManagerDto(org.wso2.carbon.apimgt.impl.dto.KeyManagerDto) Map(java.util.Map) TreeMap(java.util.TreeMap) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)
