Example 1 with JSONConfig
use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig in project carbon-apimgt by wso2.
the class AnalyzerHolder method getAnalyzer.
/**
* Borrows an object from pools (xml or json) for threat analysis
*
* @param contentType Content-Type of the payload
* @param policyId ID of the API
* @return Instance of APIMThreatAnalyzer based on content type
*/
public static APIMThreatAnalyzer getAnalyzer(String contentType, String policyId) {
APIMThreatAnalyzer analyzer = null;
if (T_TEXT_XML.equalsIgnoreCase(contentType) || T_APPLICATION_XML.equalsIgnoreCase(contentType)) {
try {
analyzer = xmlAnalyzerAnalyzerPool.borrowObject();
// configure per api
XMLConfig xmlConfig = ConfigurationHolder.getXmlConfig(policyId);
if (xmlConfig == null) {
xmlConfig = ConfigurationHolder.getXmlConfig("GLOBAL-XML");
}
if (xmlConfig == null) {
return null;
}
analyzer.configure(xmlConfig);
} catch (Exception e) {
logger.error("Threat Protection: Failed to create XMLAnalyzer, " + e.getMessage());
}
} else if (T_TEXT_JSON.equalsIgnoreCase(contentType) || T_APPLICATION_JSON.equalsIgnoreCase(contentType)) {
try {
analyzer = jsonAnalyzerAnalyzerPool.borrowObject();
// configure per api
JSONConfig jsonConfig = ConfigurationHolder.getJsonConfig(policyId);
if (jsonConfig == null) {
jsonConfig = ConfigurationHolder.getJsonConfig("GLOBAL-JSON");
}
if (jsonConfig == null) {
return null;
}
analyzer.configure(jsonConfig);
} catch (Exception e) {
logger.error("Threat Protection: Failed to create JSONAnalyzer, " + e.getMessage());
}
}
return analyzer;
}
Also used :
XMLConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig)
JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)
APIMThreatAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.APIMThreatAnalyzer)
Example 2 with JSONConfig
use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig in project carbon-apimgt by wso2.
the class JSONAnalyzerTestCase method testCheckMaxStringLengthFail.
@Test(expectedExceptions = APIMThreatAnalyzerException.class)
public void testCheckMaxStringLengthFail() throws Exception {
JSONConfig config = Mockito.mock(JSONConfig.class);
Mockito.when(config.getMaxStringLength()).thenReturn(10);
JSONAnalyzer analyzer = new JSONAnalyzer();
analyzer.configure(config);
String jsonString = "{\"a\": \"abcdef123456\"}";
analyzer.analyze(jsonString, "/foo2");
}
Also used :
JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer)
JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)
Test(org.testng.annotations.Test)
Example 3 with JSONConfig
use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig in project carbon-apimgt by wso2.
the class JSONAnalyzerTestCase method testMaxFieldCountPass.
@Test
public void testMaxFieldCountPass() throws Exception {
JSONConfig config = Mockito.mock(JSONConfig.class);
Mockito.when(config.getMaxPropertyCount()).thenReturn(5);
JSONAnalyzer analyzer = new JSONAnalyzer();
analyzer.configure(config);
String jsonString = "{\"a\": [1, 2, 3, 4, 5, 6], \"b\": 1, \"c\": 2, \"d\": 3, \"e\": 5}";
analyzer.analyze(jsonString, "/foo");
}
Also used :
JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer)
JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)
Test(org.testng.annotations.Test)
Example 4 with JSONConfig
use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig in project carbon-apimgt by wso2.
the class JSONAnalyzerTestCase method testMaxFieldCountFail.
@Test(expectedExceptions = APIMThreatAnalyzerException.class)
public void testMaxFieldCountFail() throws Exception {
JSONConfig config = Mockito.mock(JSONConfig.class);
Mockito.when(config.getMaxPropertyCount()).thenReturn(3);
JSONAnalyzer analyzer = new JSONAnalyzer();
analyzer.configure(config);
String jsonString = "{\"a\": [1, 2, 3, 4, 5, 6], \"b\": 1, \"c\": 2, \"d\": 3, \"e\": 5}";
analyzer.analyze(jsonString, "/foo");
}
Also used :
JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer)
JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)
Test(org.testng.annotations.Test)
Example 5 with JSONConfig
use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig in project carbon-apimgt by wso2.
the class JSONAnalyzerTestCase method testMaxArrayElementCountPass.
@Test
public void testMaxArrayElementCountPass() throws Exception {
JSONConfig config = Mockito.mock(JSONConfig.class);
Mockito.when(config.getMaxArrayElementCount()).thenReturn(5);
JSONAnalyzer analyzer = new JSONAnalyzer();
analyzer.configure(config);
String jsonString = "{\"a\": [1, 2, 3, 4, 5]}";
analyzer.analyze(jsonString, "/foo");
}
Also used :
JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer)
JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)
Test(org.testng.annotations.Test)
Aggregations
JSONConfig (org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)15
Test (org.testng.annotations.Test)13
JSONAnalyzer (org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer)12
BBoolean (org.ballerinalang.model.values.BBoolean)1
BStruct (org.ballerinalang.model.values.BStruct)1
BeforeTest (org.testng.annotations.BeforeTest)1
APIMThreatAnalyzer (org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.APIMThreatAnalyzer)1
XMLAnalyzer (org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.XMLAnalyzer)1
XMLConfig (org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig)1
