Example 36 with Scope
use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.
the class OAS3Parser method setLegacyScopeExtensionToSwagger.
/**
* Set scopes to the openAPI extension
*
* @param openAPI OpenAPI object
* @param swaggerData Swagger API data
*/
private void setLegacyScopeExtensionToSwagger(OpenAPI openAPI, SwaggerData swaggerData) {
Set<Scope> scopes = swaggerData.getScopes();
if (scopes != null && !scopes.isEmpty()) {
List<Map<String, String>> xSecurityScopesArray = new ArrayList<>();
for (Scope scope : scopes) {
Map<String, String> xWso2ScopesObject = new LinkedHashMap<>();
xWso2ScopesObject.put(APIConstants.SWAGGER_SCOPE_KEY, scope.getKey());
xWso2ScopesObject.put(APIConstants.SWAGGER_NAME, scope.getName());
xWso2ScopesObject.put(APIConstants.SWAGGER_ROLES, scope.getRoles());
xWso2ScopesObject.put(APIConstants.SWAGGER_DESCRIPTION, scope.getDescription());
xSecurityScopesArray.add(xWso2ScopesObject);
}
Map<String, Object> xWSO2Scopes = new LinkedHashMap<>();
xWSO2Scopes.put(APIConstants.SWAGGER_X_WSO2_SCOPES, xSecurityScopesArray);
Map<String, Object> xWSO2SecurityDefinitionObject = new LinkedHashMap<>();
xWSO2SecurityDefinitionObject.put(APIConstants.SWAGGER_OBJECT_NAME_APIM, xWSO2Scopes);
openAPI.addExtension(APIConstants.SWAGGER_X_WSO2_SECURITY, xWSO2SecurityDefinitionObject);
}
}
Also used :
Scope(org.wso2.carbon.apimgt.api.model.Scope)
ArrayList(java.util.ArrayList)
JSONObject(org.json.simple.JSONObject)
Map(java.util.Map)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
LinkedHashMap(java.util.LinkedHashMap)
Example 37 with Scope
use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.
the class OAS3Parser method processOtherSchemeScopes.
/**
* This method will inject scopes of other schemes to the swagger definition
*
* @param swaggerContent resource json
* @return String
* @throws APIManagementException
*/
@Override
public String processOtherSchemeScopes(String swaggerContent) throws APIManagementException {
OpenAPI openAPI = getOpenAPI(swaggerContent);
Set<Scope> legacyScopes = getScopesFromExtensions(openAPI);
// This is to fix https://github.com/wso2/product-apim/issues/8724
if (isDefaultGiven(swaggerContent) && !legacyScopes.isEmpty()) {
SecurityScheme defaultScheme = openAPI.getComponents().getSecuritySchemes().get(OPENAPI_SECURITY_SCHEMA_KEY);
OAuthFlows oAuthFlows = defaultScheme.getFlows();
if (oAuthFlows != null) {
OAuthFlow oAuthFlow = oAuthFlows.getImplicit();
if (oAuthFlow != null) {
Scopes defaultScopes = oAuthFlow.getScopes();
if (defaultScopes != null) {
for (Scope legacyScope : legacyScopes) {
if (!defaultScopes.containsKey(legacyScope.getKey())) {
openAPI = processLegacyScopes(openAPI);
return Json.pretty(openAPI);
}
}
}
}
}
}
if (!isDefaultGiven(swaggerContent)) {
openAPI = processLegacyScopes(openAPI);
openAPI = injectOtherScopesToDefaultScheme(openAPI);
openAPI = injectOtherResourceScopesToDefaultScheme(openAPI);
return Json.pretty(openAPI);
}
return swaggerContent;
}
Also used :
Scope(org.wso2.carbon.apimgt.api.model.Scope)
OAuthFlows(io.swagger.v3.oas.models.security.OAuthFlows)
OAuthFlow(io.swagger.v3.oas.models.security.OAuthFlow)
Scopes(io.swagger.v3.oas.models.security.Scopes)
OpenAPI(io.swagger.v3.oas.models.OpenAPI)
SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme)
Example 38 with Scope
use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.
the class OAS3Parser method processLegacyScopes.
/**
* This method will extract scopes from legacy x-wso2-security and add them to default scheme
* @param openAPI openAPI definition
* @return
* @throws APIManagementException
*/
private OpenAPI processLegacyScopes(OpenAPI openAPI) throws APIManagementException {
Set<Scope> scopes = getScopesFromExtensions(openAPI);
if (!scopes.isEmpty()) {
if (openAPI.getComponents() == null) {
openAPI.setComponents(new Components());
}
Map<String, SecurityScheme> securitySchemes = openAPI.getComponents().getSecuritySchemes();
if (securitySchemes == null) {
securitySchemes = new HashMap<>();
openAPI.getComponents().setSecuritySchemes(securitySchemes);
}
SecurityScheme securityScheme = securitySchemes.get(OPENAPI_SECURITY_SCHEMA_KEY);
if (securityScheme == null) {
securityScheme = new SecurityScheme();
securityScheme.setType(SecurityScheme.Type.OAUTH2);
securitySchemes.put(OPENAPI_SECURITY_SCHEMA_KEY, securityScheme);
List<SecurityRequirement> security = new ArrayList<SecurityRequirement>();
SecurityRequirement secReq = new SecurityRequirement();
secReq.addList(OPENAPI_SECURITY_SCHEMA_KEY, new ArrayList<String>());
security.add(secReq);
openAPI.setSecurity(security);
}
if (securityScheme.getFlows() == null) {
securityScheme.setFlows(new OAuthFlows());
}
OAuthFlow oAuthFlow = securityScheme.getFlows().getImplicit();
if (oAuthFlow == null) {
oAuthFlow = new OAuthFlow();
securityScheme.getFlows().setImplicit(oAuthFlow);
}
oAuthFlow.setAuthorizationUrl(OPENAPI_DEFAULT_AUTHORIZATION_URL);
Scopes oas3Scopes = oAuthFlow.getScopes() != null ? oAuthFlow.getScopes() : new Scopes();
if (scopes != null && !scopes.isEmpty()) {
Map<String, String> scopeBindings = new HashMap<>();
if (oAuthFlow.getExtensions() != null) {
scopeBindings = (Map<String, String>) oAuthFlow.getExtensions().get(APIConstants.SWAGGER_X_SCOPES_BINDINGS) != null ? (Map<String, String>) oAuthFlow.getExtensions().get(APIConstants.SWAGGER_X_SCOPES_BINDINGS) : new HashMap<>();
}
for (Scope scope : scopes) {
oas3Scopes.put(scope.getKey(), scope.getDescription());
String roles = (StringUtils.isNotBlank(scope.getRoles()) && scope.getRoles().trim().split(",").length > 0) ? scope.getRoles() : StringUtils.EMPTY;
scopeBindings.put(scope.getKey(), roles);
}
oAuthFlow.addExtension(APIConstants.SWAGGER_X_SCOPES_BINDINGS, scopeBindings);
}
oAuthFlow.setScopes(oas3Scopes);
}
return openAPI;
}
Also used :
OAuthFlows(io.swagger.v3.oas.models.security.OAuthFlows)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
ArrayList(java.util.ArrayList)
Components(io.swagger.v3.oas.models.Components)
Scope(org.wso2.carbon.apimgt.api.model.Scope)
OAuthFlow(io.swagger.v3.oas.models.security.OAuthFlow)
Scopes(io.swagger.v3.oas.models.security.Scopes)
SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme)
Map(java.util.Map)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
SecurityRequirement(io.swagger.v3.oas.models.security.SecurityRequirement)
Example 39 with Scope
use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.
the class OAS3Parser method getScopesFromExtensions.
/**
* Get scope information from the extensions
*
* @param openAPI openAPI object
* @return Scope set
* @throws APIManagementException if an error occurred
*/
private Set<Scope> getScopesFromExtensions(OpenAPI openAPI) throws APIManagementException {
Set<Scope> scopeList = new LinkedHashSet<>();
Map<String, Object> extensions = openAPI.getExtensions();
if (extensions != null && extensions.containsKey(APIConstants.SWAGGER_X_WSO2_SECURITY)) {
Map<String, Object> securityDefinitions = (Map<String, Object>) extensions.get(APIConstants.SWAGGER_X_WSO2_SECURITY);
for (Map.Entry<String, Object> entry : securityDefinitions.entrySet()) {
Map<String, Object> securityDefinition = (Map<String, Object>) entry.getValue();
if (securityDefinition.containsKey(APIConstants.SWAGGER_X_WSO2_SCOPES)) {
List<Map<String, String>> oauthScope = (List<Map<String, String>>) securityDefinition.get(APIConstants.SWAGGER_X_WSO2_SCOPES);
for (Map<String, String> anOauthScope : oauthScope) {
Scope scope = new Scope();
scope.setKey(anOauthScope.get(APIConstants.SWAGGER_SCOPE_KEY));
scope.setName(anOauthScope.get(APIConstants.SWAGGER_NAME));
scope.setDescription(anOauthScope.get(APIConstants.SWAGGER_DESCRIPTION));
scope.setRoles(anOauthScope.get(APIConstants.SWAGGER_ROLES));
scopeList.add(scope);
}
}
}
}
return scopeList;
}
Also used :
LinkedHashSet(java.util.LinkedHashSet)
Scope(org.wso2.carbon.apimgt.api.model.Scope)
JSONObject(org.json.simple.JSONObject)
List(java.util.List)
ArrayList(java.util.ArrayList)
Map(java.util.Map)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
Example 40 with Scope
use of org.wso2.carbon.apimgt.api.model.Scope in project carbon-apimgt by wso2.
the class OASParserUtil method setScopesToTemplate.
/**
* Sets the scopes to the URL template object using the given list of scopes
*
* @param template URL template
* @param resourceScopes list of scopes of the resource
* @param apiScopes set of scopes defined for the API
* @return URL template after setting the scopes
*/
public static URITemplate setScopesToTemplate(URITemplate template, List<String> resourceScopes, Set<Scope> apiScopes) throws APIManagementException {
for (String scopeName : resourceScopes) {
if (StringUtils.isNotBlank(scopeName)) {
Scope scope = APIUtil.findScopeByKey(apiScopes, scopeName);
if (scope == null) {
throw new APIManagementException("Resource Scope '" + scopeName + "' not found.");
}
template.setScopes(scope);
}
}
return template;
}
Also used :
Scope(org.wso2.carbon.apimgt.api.model.Scope)
APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException)
Aggregations
Scope (org.wso2.carbon.apimgt.api.model.Scope)97
HashMap (java.util.HashMap)76
ArrayList (java.util.ArrayList)58
APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)50
Scope (org.wso2.carbon.apimgt.core.models.Scope)41
Map (java.util.Map)39
URITemplate (org.wso2.carbon.apimgt.api.model.URITemplate)39
LinkedHashSet (java.util.LinkedHashSet)32
LinkedHashMap (java.util.LinkedHashMap)29
HashSet (java.util.HashSet)26
RestVariable (org.wso2.carbon.bpmn.rest.engine.variable.RestVariable)25
List (java.util.List)24
Test (org.testng.annotations.Test)23
JSONObject (org.json.simple.JSONObject)22
APIManagementException (org.wso2.carbon.apimgt.core.exception.APIManagementException)19
PreparedStatement (java.sql.PreparedStatement)17
APIIdentifier (org.wso2.carbon.apimgt.api.model.APIIdentifier)17
SQLException (java.sql.SQLException)16
Gson (com.google.gson.Gson)15
Connection (java.sql.Connection)15
