Example 1 with APIMThreatAnalyzer
use of org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.APIMThreatAnalyzer in project carbon-apimgt by wso2.
the class Analyze method execute.
@Override
public BValue[] execute(Context context) {
String payloadType = getStringArgument(context, 0);
String payload = getStringArgument(context, 1);
String apiContext = getStringArgument(context, 2);
String policyId = getStringArgument(context, 3);
APIMThreatAnalyzer analyzer = AnalyzerHolder.getAnalyzer(payloadType, policyId);
if (analyzer == null) {
return getBValues(new BBoolean(false), new BString("Unknown Payload Type"));
}
boolean noThreatsDetected = true;
String errMessage = null;
try {
analyzer.analyze(payload, apiContext);
} catch (APIMThreatAnalyzerException e) {
noThreatsDetected = false;
errMessage = e.getMessage();
}
AnalyzerHolder.returnObject(analyzer);
return getBValues(new BBoolean(noThreatsDetected), new BString(errMessage));
}
Also used :
BString(org.ballerinalang.model.values.BString)
BBoolean(org.ballerinalang.model.values.BBoolean)
BString(org.ballerinalang.model.values.BString)
APIMThreatAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.APIMThreatAnalyzer)
Example 2 with APIMThreatAnalyzer
use of org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.APIMThreatAnalyzer in project carbon-apimgt by wso2.
the class AnalyzerHolder method getAnalyzer.
/**
* Borrows an object from pools (xml or json) for threat analysis
*
* @param contentType Content-Type of the payload
* @param policyId ID of the API
* @return Instance of APIMThreatAnalyzer based on content type
*/
public static APIMThreatAnalyzer getAnalyzer(String contentType, String policyId) {
APIMThreatAnalyzer analyzer = null;
if (T_TEXT_XML.equalsIgnoreCase(contentType) || T_APPLICATION_XML.equalsIgnoreCase(contentType)) {
try {
analyzer = xmlAnalyzerAnalyzerPool.borrowObject();
// configure per api
XMLConfig xmlConfig = ConfigurationHolder.getXmlConfig(policyId);
if (xmlConfig == null) {
xmlConfig = ConfigurationHolder.getXmlConfig("GLOBAL-XML");
}
if (xmlConfig == null) {
return null;
}
analyzer.configure(xmlConfig);
} catch (Exception e) {
logger.error("Threat Protection: Failed to create XMLAnalyzer, " + e.getMessage());
}
} else if (T_TEXT_JSON.equalsIgnoreCase(contentType) || T_APPLICATION_JSON.equalsIgnoreCase(contentType)) {
try {
analyzer = jsonAnalyzerAnalyzerPool.borrowObject();
// configure per api
JSONConfig jsonConfig = ConfigurationHolder.getJsonConfig(policyId);
if (jsonConfig == null) {
jsonConfig = ConfigurationHolder.getJsonConfig("GLOBAL-JSON");
}
if (jsonConfig == null) {
return null;
}
analyzer.configure(jsonConfig);
} catch (Exception e) {
logger.error("Threat Protection: Failed to create JSONAnalyzer, " + e.getMessage());
}
}
return analyzer;
}
Also used :
XMLConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig)
JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)
APIMThreatAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.APIMThreatAnalyzer)
Aggregations
APIMThreatAnalyzer (org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.APIMThreatAnalyzer)2
BBoolean (org.ballerinalang.model.values.BBoolean)1
BString (org.ballerinalang.model.values.BString)1
JSONConfig (org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)1
XMLConfig (org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig)1
