Example 31 with Scope

use of org.wso2.carbon.apimgt.core.models.Scope in project carbon-apimgt by wso2.

the class OAuth2Authenticator method validateScopes.

/**
 * Validates the scopes carried by the access token against the scopes declared for the
 * matching resource in the API definition (Swagger 2.0).
 * @param request the incoming request; the request URL and HTTP verb are read from it
 * @param serviceMethodInfo the service method the request was routed to
 * @param scopesToValidate space-separated scopes extracted from the access token
 * @param restAPIResource the REST API resource definition matched for this request, or null
 * @return true if scope validation succeeded
 * @throws APIMgtSecurityException if the token's scopes do not satisfy the resource's scopes
 */
@SuppressFBWarnings({ "DLS_DEAD_LOCAL_STORE" })
private boolean validateScopes(Request request, ServiceMethodInfo serviceMethodInfo, String scopesToValidate, String restAPIResource) throws APIMgtSecurityException {
    final boolean[] authorized = { false };
    String path = (String) request.getProperty(APIConstants.REQUEST_URL);
    String verb = (String) request.getProperty(APIConstants.HTTP_METHOD);
    if (log.isDebugEnabled()) {
        log.debug("Invoking rest api resource path " + verb + " " + path + " ");
        log.debug("LoggedIn user scopes " + scopesToValidate);
    }
    String[] scopesArr = new String[0];
    if (scopesToValidate != null) {
        scopesArr = scopesToValidate.split(" ");
    }
    if (scopesToValidate != null && scopesArr.length > 0) {
        final List<String> scopes = Arrays.asList(scopesArr);
        if (restAPIResource != null) {
            APIDefinition apiDefinition = new APIDefinitionFromSwagger20();
            try {
                String apiResourceDefinitionScopes = apiDefinition.getScopeOfResourcePath(restAPIResource, request, serviceMethodInfo);
                if (StringUtils.isEmpty(apiResourceDefinitionScopes)) {
                    if (log.isDebugEnabled()) {
                        log.debug("Scope not defined in swagger for matching resource " + path + " and verb " + verb + " . Hence consider as anonymous permission and let request to continue.");
                    }
                    // scope validation gets through if no scopes found in the api definition
                    authorized[0] = true;
                } else {
                    Arrays.stream(apiResourceDefinitionScopes.split(" ")).forEach(scopeKey -> {
                        Optional<String> key = scopes.stream().filter(scp -> {
                            return scp.equalsIgnoreCase(scopeKey);
                        }).findAny();
                        if (key.isPresent()) {
                            // scope validation succeeds if one of the
                            // apiResourceDefinitionScopes is found among the token's scopes
                            authorized[0] = true;
                        }
                    });
                }
            } catch (APIManagementException e) {
                String message = "Error while validating scopes";
                log.error(message, e);
                throw new APIMgtSecurityException(message, ExceptionCodes.INVALID_SCOPE);
            }
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Rest API resource could not be found for request path '" + path + "'");
            }
        }
    } else {
        // scope validation gets through if access token does not contain scopes to validate
        authorized[0] = true;
    }
    if (!authorized[0]) {
        String message = "Scope validation fails for the scopes " + scopesToValidate;
        throw new APIMgtSecurityException(message, ExceptionCodes.INVALID_SCOPE);
    }
    return authorized[0];
}
Also used : Arrays(java.util.Arrays) TypeToken(com.google.gson.reflect.TypeToken) ErrorHandler(org.wso2.carbon.apimgt.core.exception.ErrorHandler) RESTAPIAuthenticator(org.wso2.carbon.apimgt.rest.api.common.api.RESTAPIAuthenticator) LoggerFactory(org.slf4j.LoggerFactory) Request(org.wso2.msf4j.Request) APIMConfigurationService(org.wso2.carbon.apimgt.core.configuration.APIMConfigurationService) APIManagerFactory(org.wso2.carbon.apimgt.core.impl.APIManagerFactory) APIDefinitionFromSwagger20(org.wso2.carbon.apimgt.core.impl.APIDefinitionFromSwagger20) StringUtils(org.apache.commons.lang3.StringUtils) APIManagementException(org.wso2.carbon.apimgt.core.exception.APIManagementException) AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo) RestApiUtil(org.wso2.carbon.apimgt.rest.api.common.util.RestApiUtil) RestApiConstants(org.wso2.carbon.apimgt.rest.api.common.RestApiConstants) Response(org.wso2.msf4j.Response) Locale(java.util.Locale) APIDefinition(org.wso2.carbon.apimgt.core.api.APIDefinition) ServiceMethodInfo(org.wso2.msf4j.ServiceMethodInfo) Logger(org.slf4j.Logger) APIConstants(org.wso2.carbon.apimgt.rest.api.common.APIConstants) APIMgtSecurityException(org.wso2.carbon.apimgt.rest.api.common.exception.APIMgtSecurityException) SystemVariableUtil(org.wso2.msf4j.util.SystemVariableUtil) ExceptionCodes(org.wso2.carbon.apimgt.core.exception.ExceptionCodes) List(java.util.List) HttpHeaders(javax.ws.rs.core.HttpHeaders) Optional(java.util.Optional) SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)

Example 32 with Scope

use of org.wso2.carbon.apimgt.core.models.Scope in project carbon-apimgt by wso2.

the class WSO2ISScopeRegistrationImpl method getScope.

// Decodes the key manager's JSON response into the core Scope model.
private Scope getScope(Response response) throws IOException {
    Scope scope = new Scope();
    ScopeInfo scopeInfoResponse = (ScopeInfo) new GsonDecoder().decode(response, ScopeInfo.class);
    scope.setName(scopeInfoResponse.getName());
    scope.setDescription(scopeInfoResponse.getDescription());
    if (scopeInfoResponse.getBindings() != null) {
        scope.setBindings(scopeInfoResponse.getBindings());
    } else {
        // a scope with no bindings is represented by an empty list, never null
        scope.setBindings(Collections.emptyList());
    }
    return scope;
}
Also used : Scope(org.wso2.carbon.apimgt.core.models.Scope) GsonDecoder(feign.gson.GsonDecoder) ScopeInfo(org.wso2.carbon.apimgt.core.auth.dto.ScopeInfo)

Example 33 with Scope

use of org.wso2.carbon.apimgt.core.models.Scope in project carbon-apimgt by wso2.

the class WSO2ISScopeRegistrationImpl method updateScope.

@Override
public boolean updateScope(Scope scope) throws KeyManagementException {
    ScopeInfo scopeInfo = getScopeInfoForUpdate(scope);
    Response response = wso2ISScopeRegistrationServiceStub.updateScope(scopeInfo, scope.getName());
    if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_200_OK) {
        return true;
    } else {
        // any status other than 200 OK is treated as a failed update
        throw new KeyManagementException("Scope Couldn't get updated", ExceptionCodes.INTERNAL_ERROR);
    }
}
Also used : Response(feign.Response) ScopeInfo(org.wso2.carbon.apimgt.core.auth.dto.ScopeInfo) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException)

Example 34 with Scope

use of org.wso2.carbon.apimgt.core.models.Scope in project carbon-apimgt by wso2.

the class WSO2ISScopeRegistrationImpl method registerScope.

@Override
public boolean registerScope(Scope scope) throws KeyManagementException {
    ScopeInfo scopeInfo = getScopeInfo(scope);
    Response response = wso2ISScopeRegistrationServiceStub.registerScope(scopeInfo);
    if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_201_CREATED) {
        return true;
    } else {
        // any status other than 201 Created is treated as a failed registration
        throw new KeyManagementException("Scope Registration Failed", ExceptionCodes.SCOPE_REGISTRATION_FAILED);
    }
}
Also used : Response(feign.Response) ScopeInfo(org.wso2.carbon.apimgt.core.auth.dto.ScopeInfo) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException)

Example 35 with Scope

use of org.wso2.carbon.apimgt.core.models.Scope in project carbon-apimgt by wso2.

the class DefaultScopeRegistrationImpl method getScope.

// Decodes the key manager's JSON response into the core Scope model.
private Scope getScope(Response response) throws IOException {
    Scope scope = new Scope();
    ScopeInfo scopeInfoResponse = (ScopeInfo) new GsonDecoder().decode(response, ScopeInfo.class);
    scope.setName(scopeInfoResponse.getName());
    scope.setDescription(scopeInfoResponse.getDescription());
    if (scopeInfoResponse.getBindings() != null) {
        scope.setBindings(scopeInfoResponse.getBindings());
    } else {
        // a scope with no bindings is represented by an empty list, never null
        scope.setBindings(Collections.emptyList());
    }
    return scope;
}
Also used : Scope(org.wso2.carbon.apimgt.core.models.Scope) GsonDecoder(feign.gson.GsonDecoder) ScopeInfo(org.wso2.carbon.apimgt.core.auth.dto.ScopeInfo)

Aggregations (class, number of usages)

Scope (org.wso2.carbon.apimgt.core.models.Scope): 41
Test (org.testng.annotations.Test): 23
APIManagementException (org.wso2.carbon.apimgt.core.exception.APIManagementException): 19
HashMap (java.util.HashMap): 17
ScopeInfo (org.wso2.carbon.apimgt.core.auth.dto.ScopeInfo): 15
FileInputStream (java.io.FileInputStream): 14
API (org.wso2.carbon.apimgt.core.models.API): 14
KeyManager (org.wso2.carbon.apimgt.core.api.KeyManager): 13
ApiDAO (org.wso2.carbon.apimgt.core.dao.ApiDAO): 13
APIGateway (org.wso2.carbon.apimgt.core.api.APIGateway): 12
APIPublisher (org.wso2.carbon.apimgt.core.api.APIPublisher): 12
GatewaySourceGenerator (org.wso2.carbon.apimgt.core.api.GatewaySourceGenerator): 12
IdentityProvider (org.wso2.carbon.apimgt.core.api.IdentityProvider): 11
Response (javax.ws.rs.core.Response): 8
Test (org.junit.Test): 8
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest): 8
WorkflowResponse (org.wso2.carbon.apimgt.core.api.WorkflowResponse): 8
GeneralWorkflowResponse (org.wso2.carbon.apimgt.core.workflow.GeneralWorkflowResponse): 8
Gson (com.google.gson.Gson): 7
KeyManagementException (org.wso2.carbon.apimgt.core.exception.KeyManagementException): 7