Example 6 with JWTInfoDto
use of org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto in project carbon-apimgt by wso2.
the class MappingUtil method toJWTInfoDTO.
/**
* Converts RegistrationSummary JWT information into JWTInfoDTO
*
* @param registrationSummary the registration summary required by gateway
* @return JWTInfoDTO
*/
private static JWTInfoDTO toJWTInfoDTO(RegistrationSummary registrationSummary) {
JWTInfoDTO jwtInfoDTO = new JWTInfoDTO();
jwtInfoDTO.enableJWTGeneration(registrationSummary.getJwtInfo().isEnableJWTGeneration());
jwtInfoDTO.jwtHeader(registrationSummary.getJwtInfo().getJwtHeader());
return jwtInfoDTO;
}
Also used :
JWTInfoDTO(org.wso2.carbon.apimgt.rest.api.core.dto.JWTInfoDTO)
Example 7 with JWTInfoDto
use of org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto in project carbon-apimgt by wso2.
the class JWTValidator method getUserClaimsFromKeyManager.
private Map<String, String> getUserClaimsFromKeyManager(JWTInfoDto jwtInfoDto) {
if (jwtConfigurationDto.isEnableUserClaimRetrievalFromUserStore()) {
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
JWTValidationInfo jwtValidationInfo = jwtInfoDto.getJwtValidationInfo();
if (jwtValidationInfo != null) {
KeyManager keyManagerInstance = KeyManagerHolder.getKeyManagerInstance(tenantDomain, jwtValidationInfo.getKeyManager());
if (keyManagerInstance != null) {
Map<String, Object> properties = new HashMap<>();
if (jwtValidationInfo.getRawPayload() != null) {
properties.put(APIConstants.KeyManager.ACCESS_TOKEN, jwtValidationInfo.getRawPayload());
}
if (!StringUtils.isEmpty(jwtConfigurationDto.getConsumerDialectUri())) {
properties.put(APIConstants.KeyManager.CLAIM_DIALECT, jwtConfigurationDto.getConsumerDialectUri());
}
properties.put(APIConstants.KeyManager.BINDING_FEDERATED_USER_CLAIMS, jwtConfigurationDto.isBindFederatedUserClaims());
try {
return keyManagerInstance.getUserClaims(jwtInfoDto.getEndUser(), properties);
} catch (APIManagementException e) {
log.error("Error while retrieving User claims from Key Manager ", e);
}
}
}
}
return new HashMap<>();
}
Also used :
APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException)
HashMap(java.util.HashMap)
JSONObject(org.json.JSONObject)
KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)
JWTValidationInfo(org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo)
Example 8 with JWTInfoDto
use of org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto in project carbon-apimgt by wso2.
the class JWTValidator method generateBackendJWTForWS.
/**
* Generate backend JWT for WS API requests.
*
* @param jwtValidationInfo JWTValidationInfo
* @param apiKeyValidationInfoDTO APIKeyValidationInfoDTO
* @param apiContext API Context
* @param apiVersion API Version
* @param tokenSignature Token signature
* @return Backend JWT String
* @throws APISecurityException if an error ocurrs
*/
private String generateBackendJWTForWS(JWTValidationInfo jwtValidationInfo, APIKeyValidationInfoDTO apiKeyValidationInfoDTO, String apiContext, String apiVersion, String tokenSignature) throws APISecurityException {
String endUserToken = null;
JWTInfoDto jwtInfoDto;
if (jwtGenerationEnabled) {
jwtInfoDto = GatewayUtils.generateJWTInfoDto(jwtValidationInfo, apiKeyValidationInfoDTO, apiContext, apiVersion);
endUserToken = generateAndRetrieveJWTToken(tokenSignature, jwtInfoDto);
}
return endUserToken;
}
Also used :
JWTInfoDto(org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto)
Example 9 with JWTInfoDto
use of org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto in project carbon-apimgt by wso2.
the class GatewayUtils method generateJWTInfoDto.
public static JWTInfoDto generateJWTInfoDto(JSONObject subscribedAPI, JWTValidationInfo jwtValidationInfo, APIKeyValidationInfoDTO apiKeyValidationInfoDTO, org.apache.synapse.MessageContext synCtx) {
JWTInfoDto jwtInfoDto = new JWTInfoDto();
jwtInfoDto.setJwtValidationInfo(jwtValidationInfo);
// jwtInfoDto.setMessageContext(synCtx);
String apiContext = (String) synCtx.getProperty(RESTConstants.REST_API_CONTEXT);
String apiVersion = (String) synCtx.getProperty(RESTConstants.SYNAPSE_REST_API_VERSION);
jwtInfoDto.setApiContext(apiContext);
jwtInfoDto.setVersion(apiVersion);
constructJWTContent(subscribedAPI, apiKeyValidationInfoDTO, jwtInfoDto);
return jwtInfoDto;
}
Also used :
JWTInfoDto(org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto)
Example 10 with JWTInfoDto
use of org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto in project carbon-apimgt by wso2.
the class ApiKeyAuthenticator method generateAndRetrieveBackendJWTToken.
private String generateAndRetrieveBackendJWTToken(String tokenSignature, JWTInfoDto jwtInfoDto) throws APISecurityException {
String endUserToken = null;
boolean valid = false;
String jwtTokenCacheKey = jwtInfoDto.getApiContext().concat(":").concat(jwtInfoDto.getVersion()).concat(":").concat(tokenSignature);
if (isGatewayTokenCacheEnabled) {
Object token = getGatewayApiKeyCache().get(jwtTokenCacheKey);
if (token != null) {
endUserToken = (String) token;
String[] splitToken = ((String) token).split("\\.");
JSONObject payload = new JSONObject(new String(Base64.getUrlDecoder().decode(splitToken[1])));
long exp = payload.getLong("exp");
long timestampSkew = OAuthServerConfiguration.getInstance().getTimeStampSkewInSeconds() * 1000;
valid = (exp - System.currentTimeMillis() > timestampSkew);
}
if (StringUtils.isEmpty(endUserToken) || !valid) {
try {
endUserToken = apiMgtGatewayJWTGenerator.generateToken(jwtInfoDto);
getGatewayApiKeyCache().put(jwtTokenCacheKey, endUserToken);
} catch (JWTGeneratorException e) {
log.error("Error while Generating Backend JWT", e);
throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE, e);
}
}
} else {
try {
endUserToken = apiMgtGatewayJWTGenerator.generateToken(jwtInfoDto);
} catch (JWTGeneratorException e) {
log.error("Error while Generating Backend JWT", e);
throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE, e);
}
}
return endUserToken;
}
Also used :
APISecurityException(org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException)
JSONObject(org.json.JSONObject)
JSONObject(org.json.JSONObject)
JWTGeneratorException(org.wso2.carbon.apimgt.common.gateway.exception.JWTGeneratorException)
Aggregations
JWTInfoDto (org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto)6
JWTValidationInfo (org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo)4
APISecurityException (org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException)4
JSONObject (org.json.JSONObject)3
Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext)2
APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)2
JWTGeneratorException (org.wso2.carbon.apimgt.common.gateway.exception.JWTGeneratorException)2
JWSHeader (com.nimbusds.jose.JWSHeader)1
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)1
SignedJWT (com.nimbusds.jwt.SignedJWT)1
OpenAPI (io.swagger.v3.oas.models.OpenAPI)1
ParseException (java.text.ParseException)1
ArrayList (java.util.ArrayList)1
HashMap (java.util.HashMap)1
X509Certificate (javax.security.cert.X509Certificate)1
JSONException (org.json.JSONException)1
KeyManager (org.wso2.carbon.apimgt.api.model.KeyManager)1
MethodStats (org.wso2.carbon.apimgt.gateway.MethodStats)1
JWTTokenPayloadInfo (org.wso2.carbon.apimgt.gateway.dto.JWTTokenPayloadInfo)1
AuthenticationContext (org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext)1
