Search in sources :

Example 1 with KeyMgtConfigurations

use of org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations in project carbon-apimgt by wso2.

the class ApisApiServiceImpl method apisApiIdSwaggerPut.

/**
 * Updates the swagger defnition of an API
 *
 * @param apiId             UUID of API
 * @param apiDefinition     updated swagger defintion
 * @param ifMatch           If-Match header value
 * @param ifUnmodifiedSince If-Unmodified-Since header value
 * @param request           msf4j request object
 * @return Updated swagger definition
 * @throws NotFoundException When the particular resource does not exist in the system
 */
@Override
public Response apisApiIdSwaggerPut(String apiId, String apiDefinition, String ifMatch, String ifUnmodifiedSince, Request request) throws NotFoundException {
    String username = RestApiUtil.getLoggedInUsername(request);
    try {
        APIPublisher apiPublisher = RestAPIPublisherUtil.getApiPublisher(username);
        String existingFingerprint = apisApiIdSwaggerGetFingerprint(apiId, null, null, request);
        if (!StringUtils.isEmpty(ifMatch) && !StringUtils.isEmpty(existingFingerprint) && !ifMatch.contains(existingFingerprint)) {
            return Response.status(Response.Status.PRECONDITION_FAILED).build();
        }
        KeyMgtConfigurations keyManagerConfiguration = APIMConfigurationService.getInstance().getApimConfigurations().getKeyManagerConfigs();
        Map<String, String> scopes = new APIDefinitionFromSwagger20().getScopesFromSecurityDefinition(apiDefinition);
        for (String scopeName : scopes.keySet()) {
            if (scopeName.contains(keyManagerConfiguration.getProductRestApiScopesKeyWord())) {
                String message = "scope name couldn't have the restricted keyword " + keyManagerConfiguration.getProductRestApiScopesKeyWord();
                ErrorDTO errorDTO = RestApiUtil.getErrorDTO(message, 900313L, message);
                return Response.status(Response.Status.PRECONDITION_FAILED).entity(errorDTO).build();
            }
        }
        apiPublisher.saveSwagger20Definition(apiId, apiDefinition);
        String apiSwagger = apiPublisher.getApiSwaggerDefinition(apiId);
        String newFingerprint = apisApiIdSwaggerGetFingerprint(apiId, null, null, request);
        return Response.ok().header(HttpHeaders.ETAG, "\"" + newFingerprint + "\"").entity(apiSwagger).build();
    } catch (APIManagementException e) {
        String errorMessage = "Error while put swagger for API : " + apiId;
        HashMap<String, String> paramList = new HashMap<String, String>();
        paramList.put(APIMgtConstants.ExceptionsConstants.API_ID, apiId);
        ErrorDTO errorDTO = RestApiUtil.getErrorDTO(e.getErrorHandler(), paramList);
        log.error(errorMessage, e);
        return Response.status(e.getErrorHandler().getHttpStatusCode()).entity(errorDTO).build();
    }
}
Also used : KeyMgtConfigurations(org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations) APIManagementException(org.wso2.carbon.apimgt.core.exception.APIManagementException) HashMap(java.util.HashMap) APIDefinitionFromSwagger20(org.wso2.carbon.apimgt.core.impl.APIDefinitionFromSwagger20) ErrorDTO(org.wso2.carbon.apimgt.rest.api.common.dto.ErrorDTO) APIPublisher(org.wso2.carbon.apimgt.core.api.APIPublisher)

Example 2 with KeyMgtConfigurations

use of org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations in project carbon-apimgt by wso2.

the class ApisApiServiceImpl method apisApiIdScopesNameGet.

@Override
public Response apisApiIdScopesNameGet(String apiId, String name, String ifNoneMatch, String ifModifiedSince, Request request) throws NotFoundException {
    String username = RestApiUtil.getLoggedInUsername(request);
    try {
        APIPublisher apiPublisher = RestAPIPublisherUtil.getApiPublisher(username);
        Scope scope = apiPublisher.getScopeInformationOfApi(apiId, name);
        KeyMgtConfigurations keyManagerConfiguration = APIMConfigurationService.getInstance().getApimConfigurations().getKeyManagerConfigs();
        ScopeDTO scopeDTO = MappingUtil.scopeDto(scope, keyManagerConfiguration.getScopeBindingType());
        return Response.ok().entity(scopeDTO).build();
    } catch (APIManagementException e) {
        String errorMessage = "Error while retrieving swagger definition of API : " + apiId;
        HashMap<String, String> paramList = new HashMap<String, String>();
        paramList.put(APIMgtConstants.ExceptionsConstants.API_ID, apiId);
        ErrorDTO errorDTO = RestApiUtil.getErrorDTO(e.getErrorHandler(), paramList);
        log.error(errorMessage, e);
        return Response.status(e.getErrorHandler().getHttpStatusCode()).entity(errorDTO).build();
    }
}
Also used : Scope(org.wso2.carbon.apimgt.core.models.Scope) KeyMgtConfigurations(org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations) APIManagementException(org.wso2.carbon.apimgt.core.exception.APIManagementException) HashMap(java.util.HashMap) ScopeDTO(org.wso2.carbon.apimgt.rest.api.publisher.dto.ScopeDTO) ErrorDTO(org.wso2.carbon.apimgt.rest.api.common.dto.ErrorDTO) APIPublisher(org.wso2.carbon.apimgt.core.api.APIPublisher)

Example 3 with KeyMgtConfigurations

use of org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations in project carbon-apimgt by wso2.

the class ScopeRegistrationServiceStubFactoryTest method testGetScopeRegistrationForWso2Is.

@Test
public void testGetScopeRegistrationForWso2Is() throws Exception {
    KeyMgtConfigurations keyManagerConfiguration = new KeyMgtConfigurations();
    keyManagerConfiguration.setKeyManagerImplClass(WSO2ISKeyManagerImpl.class.getCanonicalName());
    ConfigProvider configProvider = Mockito.mock(ConfigProvider.class);
    APIMConfigurations apimConfigurations = new APIMConfigurations();
    apimConfigurations.setKeyManagerConfigs(keyManagerConfiguration);
    Mockito.when(configProvider.getConfigurationObject(APIMConfigurations.class)).thenReturn(apimConfigurations);
    ServiceReferenceHolder.getInstance().setConfigProvider(configProvider);
    ScopeRegistration scopeRegistration = ScopeRegistrationServiceStubFactory.getScopeRegistration();
    Assert.assertTrue(scopeRegistration instanceof WSO2ISScopeRegistrationImpl);
}
Also used : KeyMgtConfigurations(org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations) ConfigProvider(org.wso2.carbon.config.provider.ConfigProvider) APIMConfigurations(org.wso2.carbon.apimgt.core.configuration.models.APIMConfigurations) WSO2ISKeyManagerImpl(org.wso2.carbon.apimgt.core.impl.WSO2ISKeyManagerImpl) Test(org.testng.annotations.Test)

Example 4 with KeyMgtConfigurations

use of org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations in project carbon-apimgt by wso2.

the class APIDefinitionFromSwagger20 method addScopeToSwaggerDefinition.

@Override
public String addScopeToSwaggerDefinition(String resourceConfigJSON, Scope scope) {
    KeyMgtConfigurations keyManagerConfigs = ServiceReferenceHolder.getInstance().getAPIMConfiguration().getKeyManagerConfigs();
    SwaggerParser swaggerParser = new SwaggerParser();
    Swagger swagger = swaggerParser.parse(resourceConfigJSON);
    Map<String, SecuritySchemeDefinition> securitySchemeDefinitionMap = swagger.getSecurityDefinitions();
    if (securitySchemeDefinitionMap != null && !securitySchemeDefinitionMap.isEmpty() && securitySchemeDefinitionMap.containsKey(APIMgtConstants.OAUTH2SECURITY)) {
        OAuth2Definition oAuth2Definition = (OAuth2Definition) securitySchemeDefinitionMap.get(APIMgtConstants.OAUTH2SECURITY);
        // Removing Scope from Swagger SecurityDefinition
        Map<String, String> scopeMap = oAuth2Definition.getScopes();
        if (scopeMap != null) {
            scopeMap.put(scope.getName(), scope.getDescription());
        }
    } else {
        OAuth2Definition oAuth2Definition = new OAuth2Definition();
        oAuth2Definition.setType("oauth2");
        oAuth2Definition.setFlow("password");
        oAuth2Definition.setTokenUrl(keyManagerConfigs.getTokenEndpoint());
        Map<String, String> scopes = new HashMap<>();
        scopes.put(scope.getName(), scope.getDescription());
        oAuth2Definition.setScopes(scopes);
        if (securitySchemeDefinitionMap != null) {
            securitySchemeDefinitionMap.put(APIMgtConstants.OAUTH2SECURITY, oAuth2Definition);
        } else {
            securitySchemeDefinitionMap = new HashMap<>();
            securitySchemeDefinitionMap.put(APIMgtConstants.OAUTH2SECURITY, oAuth2Definition);
            swagger.setSecurityDefinitions(securitySchemeDefinitionMap);
        }
    }
    return Json.pretty(swagger);
}
Also used : SwaggerParser(io.swagger.parser.SwaggerParser) KeyMgtConfigurations(org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) Swagger(io.swagger.models.Swagger) OAuth2Definition(io.swagger.models.auth.OAuth2Definition) SecuritySchemeDefinition(io.swagger.models.auth.SecuritySchemeDefinition)

Example 5 with KeyMgtConfigurations

use of org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations in project carbon-apimgt by wso2.

the class APIDefinitionFromSwagger20 method addSecuritySchemeToSwaggerDefinition.

private void addSecuritySchemeToSwaggerDefinition(Swagger swagger, API api) {
    KeyMgtConfigurations keyMgtConfigurations = ServiceReferenceHolder.getInstance().getAPIMConfiguration().getKeyManagerConfigs();
    if ((api.getSecurityScheme() & 2) == 2) {
        // apikey
        log.debug("API security scheme : API Key Scheme");
        if (swagger.getSecurityDefinitions() == null || !swagger.getSecurityDefinitions().containsKey(APIMgtConstants.SWAGGER_APIKEY)) {
            swagger.securityDefinition(APIMgtConstants.SWAGGER_APIKEY, new ApiKeyAuthDefinition(APIMgtConstants.SWAGGER_APIKEY, In.HEADER));
        }
    }
    if ((api.getSecurityScheme() & 1) == 1) {
        log.debug("API security Scheme : Oauth");
        OAuth2Definition oAuth2Definition = new OAuth2Definition();
        oAuth2Definition = oAuth2Definition.application(keyMgtConfigurations.getTokenEndpoint());
        oAuth2Definition.setScopes(Collections.emptyMap());
        if (swagger.getSecurityDefinitions() == null || !swagger.getSecurityDefinitions().containsKey(APIMgtConstants.OAUTH2SECURITY)) {
            swagger.securityDefinition(APIMgtConstants.OAUTH2SECURITY, oAuth2Definition);
        }
    }
}
Also used : ApiKeyAuthDefinition(io.swagger.models.auth.ApiKeyAuthDefinition) KeyMgtConfigurations(org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations) OAuth2Definition(io.swagger.models.auth.OAuth2Definition)

Aggregations

KeyMgtConfigurations (org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations)6 HashMap (java.util.HashMap)4 APIPublisher (org.wso2.carbon.apimgt.core.api.APIPublisher)3 APIManagementException (org.wso2.carbon.apimgt.core.exception.APIManagementException)3 ErrorDTO (org.wso2.carbon.apimgt.rest.api.common.dto.ErrorDTO)3 OAuth2Definition (io.swagger.models.auth.OAuth2Definition)2 Scope (org.wso2.carbon.apimgt.core.models.Scope)2 Swagger (io.swagger.models.Swagger)1 ApiKeyAuthDefinition (io.swagger.models.auth.ApiKeyAuthDefinition)1 SecuritySchemeDefinition (io.swagger.models.auth.SecuritySchemeDefinition)1 SwaggerParser (io.swagger.parser.SwaggerParser)1 URI (java.net.URI)1 URISyntaxException (java.net.URISyntaxException)1 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)1 Test (org.testng.annotations.Test)1 APIMConfigurations (org.wso2.carbon.apimgt.core.configuration.models.APIMConfigurations)1 APIDefinitionFromSwagger20 (org.wso2.carbon.apimgt.core.impl.APIDefinitionFromSwagger20)1 WSO2ISKeyManagerImpl (org.wso2.carbon.apimgt.core.impl.WSO2ISKeyManagerImpl)1 ScopeDTO (org.wso2.carbon.apimgt.rest.api.publisher.dto.ScopeDTO)1 ConfigProvider (org.wso2.carbon.config.provider.ConfigProvider)1