use of org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator in project carbon-apimgt by wso2.
the class APIKeyValidatorTestCase method testCheckForValidToken.
// First invocation with a valid token.
// Expectation: the token is cached in the token cache and the APIKeyValidationInfoDTO is cached in the key cache.
// The invalid-token cache is neither written to (put) nor removed from.
/**
 * First-time validation of a token that the data store reports as authorized.
 *
 * <p>Both the token cache and the invalid-token cache are stubbed to miss, so the validator is
 * expected to consult the data store exactly once, write to the token cache and the key cache,
 * and leave the invalid-token cache unmodified.
 *
 * @throws APISecurityException if key validation fails unexpectedly
 */
@Test
public void testCheckForValidToken() throws APISecurityException {
    try {
        // Run as "admin" in the super tenant for the duration of the test.
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        carbonContext.setTenantId(MultitenantConstants.SUPER_TENANT_ID);
        carbonContext.setUsername("admin");
        String tenantDomain = "carbon.super";

        // Mocked collaborators handed to the validator under test.
        AxisConfiguration axisConfiguration = Mockito.mock(AxisConfiguration.class);
        Cache validTokens = Mockito.mock(Cache.class);
        Cache validationInfos = Mockito.mock(Cache.class);
        Cache resources = Mockito.mock(Cache.class);
        Cache rejectedTokens = Mockito.mock(Cache.class);
        APIKeyDataStore keyDataStore = Mockito.mock(APIKeyDataStore.class);

        // The data store answers with an authorized result.
        APIKeyValidationInfoDTO authorizedInfo = new APIKeyValidationInfoDTO();
        authorizedInfo.setAuthorized(true);

        APIKeyValidator validator = getAPIKeyValidator(axisConfiguration, rejectedTokens, validTokens,
                validationInfos, resources, keyDataStore, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);

        // Cold caches: the token is known neither as valid nor as invalid.
        Mockito.when(validTokens.get(Mockito.anyString())).thenReturn(null);
        Mockito.when(rejectedTokens.get(Mockito.anyString())).thenReturn(null);
        Mockito.when(keyDataStore.getAPIKeyData(context, apiVersion, apiKey, authenticationScheme,
                matchingResource, httpVerb, tenantDomain, new ArrayList<>())).thenReturn(authorizedInfo);

        // NOTE(review): the returned DTO is discarded, so this test checks cache traffic only and
        // never asserts that the validation outcome itself is "authorized".
        validator.getKeyValidationInfo(context, apiKey, apiVersion, authenticationScheme, matchingResource,
                httpVerb, defaultVersionInvoked, new ArrayList<>());

        // Lookups: one probe of each token cache, no read of the key cache.
        Mockito.verify(validTokens).get(Mockito.anyString());
        Mockito.verify(rejectedTokens).get(Mockito.anyString());
        Mockito.verify(validationInfos, Mockito.never()).get(Mockito.anyString());

        // Writes: the token and its validation info are cached; nothing is marked invalid.
        // The anyString() matchers do not pin which key or value was stored.
        Mockito.verify(validTokens).put(Mockito.anyString(), Mockito.anyString());
        // NOTE(review): the matchers below are (APIKeyValidationInfoDTO, String), the reverse of the
        // (String, String) shape used for the token caches - confirm the argument order against the
        // validator's key-cache put call; whether a mismatch is caught depends on how strictly the
        // Mockito version in use type-checks these matchers.
        Mockito.verify(validationInfos).put(Mockito.any(APIKeyValidationInfoDTO.class), Mockito.anyString());
        Mockito.verify(rejectedTokens, Mockito.never()).put(Mockito.anyString(), Mockito.anyString());

        // Evictions: none on any cache.
        Mockito.verify(validTokens, Mockito.never()).remove(Mockito.anyString());
        Mockito.verify(rejectedTokens, Mockito.never()).remove(Mockito.anyString());
        Mockito.verify(validationInfos, Mockito.never()).remove(Mockito.anyString());

        // Exactly one round trip to the data store.
        Mockito.verify(keyDataStore).getAPIKeyData(context, apiVersion, apiKey, authenticationScheme,
                matchingResource, httpVerb, tenantDomain, new ArrayList<>());
    } finally {
        // Always leave the tenant flow so the thread-local context does not leak into other tests.
        PrivilegedCarbonContext.endTenantFlow();
    }
}
use of org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator in project carbon-apimgt by wso2.
the class APIKeyValidatorTestCase method testDatasourceConfigurationAndCleanup.
/**
 * Checks that {@code cleanup()} on the validator results in exactly one {@code cleanup()} call
 * on the WSAPIKeyDataStore.
 *
 * @throws Exception if the PowerMockito constructor interception cannot be set up
 */
@Test
public void testDatasourceConfigurationAndCleanup() throws Exception {
    // Not referenced again in this test.
    AxisConfiguration axisConfig = Mockito.mock(AxisConfiguration.class);

    // Any no-arg construction of WSAPIKeyDataStore is answered with this mock; presumably the
    // validator creates its data store that way - confirm against APIKeyValidator's constructor.
    WSAPIKeyDataStore dataStoreMock = Mockito.mock(WSAPIKeyDataStore.class);
    PowerMockito.whenNew(WSAPIKeyDataStore.class).withNoArguments().thenReturn(dataStoreMock);

    // An empty anonymous subclass is used to instantiate the validator.
    APIKeyValidator validator = new APIKeyValidator() { };

    // test cleanup for WSClient
    validator.cleanup();
    Mockito.verify(dataStoreMock).cleanup();
}
use of org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator in project carbon-apimgt by wso2.
the class APIKeyValidatorTestCase method testCheckForInValidTokenInTenant.
// First invocation with an invalid, expired or revoked token.
// Expectation: the invalid token is put into the invalid-token cache in both the tenant and the super tenant.
/**
 * First-time validation, inside tenant {@code abc.com}, of a token that the data store rejects
 * with {@code API_AUTH_INVALID_CREDENTIALS}.
 *
 * <p>Both token caches are stubbed to miss. The validator is expected to call the data store once,
 * write twice to the invalid-token cache, and write nothing to the token cache or the key cache.
 *
 * @throws APISecurityException if key validation fails unexpectedly
 */
@Test
public void testCheckForInValidTokenInTenant() throws APISecurityException {
    try {
        // Run as "admin" in tenant abc.com (tenant id 1).
        String tenantDomain = "abc.com";
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setTenantDomain(tenantDomain);
        carbonContext.setTenantId(1);
        carbonContext.setUsername("admin");

        // The data store answers with an unauthorized, invalid-credentials result.
        APIKeyValidationInfoDTO rejectedInfo = new APIKeyValidationInfoDTO();
        rejectedInfo.setAuthorized(false);
        rejectedInfo.setValidationStatus(APIConstants.KeyValidationStatus.API_AUTH_INVALID_CREDENTIALS);

        // Mocked collaborators handed to the validator under test.
        AxisConfiguration axisConfiguration = Mockito.mock(AxisConfiguration.class);
        Cache validTokens = Mockito.mock(Cache.class);
        Cache validationInfos = Mockito.mock(Cache.class);
        Cache resources = Mockito.mock(Cache.class);
        Cache rejectedTokens = Mockito.mock(Cache.class);
        APIKeyDataStore keyDataStore = Mockito.mock(APIKeyDataStore.class);
        APIKeyValidator validator = getAPIKeyValidator(axisConfiguration, rejectedTokens, validTokens,
                validationInfos, resources, keyDataStore, tenantDomain);

        // Cold caches: the token is known neither as valid nor as invalid.
        Mockito.when(validTokens.get(Mockito.anyString())).thenReturn(null);
        Mockito.when(rejectedTokens.get(Mockito.anyString())).thenReturn(null);
        Mockito.when(keyDataStore.getAPIKeyData(context, apiVersion, apiKey, authenticationScheme,
                matchingResource, httpVerb, tenantDomain, new ArrayList<>())).thenReturn(rejectedInfo);

        // NOTE(review): the returned DTO is discarded; the test never asserts that the caller
        // actually receives an unauthorized result for the rejected token.
        validator.getKeyValidationInfo(context, apiKey, apiVersion, authenticationScheme, matchingResource,
                httpVerb, defaultVersionInvoked, new ArrayList<>());

        // Lookups: one probe of each token cache, no read of the key cache.
        Mockito.verify(validTokens).get(Mockito.anyString());
        Mockito.verify(rejectedTokens).get(Mockito.anyString());
        Mockito.verify(validationInfos, Mockito.never()).get(Mockito.anyString());

        // Writes: a rejected token must not reach the token cache or the key cache.
        Mockito.verify(validTokens, Mockito.never()).put(Mockito.anyString(), Mockito.anyString());
        // NOTE(review): matcher order here is (APIKeyValidationInfoDTO, String). If the real call
        // is (String, DTO) and the matchers are type-strict, this never() check passes vacuously
        // - confirm against the validator's key-cache put call.
        Mockito.verify(validationInfos, Mockito.never())
                .put(Mockito.any(APIKeyValidationInfoDTO.class), Mockito.anyString());
        // Two puts on the single invalid-token mock; presumably one for the tenant and one for the
        // super tenant, both served by this mock - verify against getAPIKeyValidator. The
        // anyString() matchers do not pin which token or value was stored.
        Mockito.verify(rejectedTokens, Mockito.times(2)).put(Mockito.anyString(), Mockito.anyString());

        // Evictions: none on any cache.
        Mockito.verify(validTokens, Mockito.never()).remove(Mockito.anyString());
        Mockito.verify(rejectedTokens, Mockito.never()).remove(Mockito.anyString());
        Mockito.verify(validationInfos, Mockito.never()).remove(Mockito.anyString());

        // Exactly one round trip to the data store.
        Mockito.verify(keyDataStore).getAPIKeyData(context, apiVersion, apiKey, authenticationScheme,
                matchingResource, httpVerb, tenantDomain, new ArrayList<>());
    } finally {
        // Always leave the tenant flow so the thread-local context does not leak into other tests.
        PrivilegedCarbonContext.endTenantFlow();
    }
}
use of org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator in project carbon-apimgt by wso2.
the class APIKeyValidatorTestCase method testCheckForRevokedTokenWhereAlreadyGetCached.
// Token is expired in cache.
// Expectation: the token is read from the token cache, then from the key cache, where it is checked for expiry;
// it is then removed from the key cache and from the token cache and put into the invalid-token cache.
/**
 * Validation of a token for which the invalid-token cache already holds an entry.
 *
 * <p>The token cache is stubbed to miss and the invalid-token cache to hit. The verifications
 * require that the validator then performs no key-cache read, no cache write or eviction of any
 * kind, and no call to the data store.
 *
 * @throws APISecurityException if key validation fails unexpectedly
 */
@Test
public void testCheckForRevokedTokenWhereAlreadyGetCached() throws APISecurityException {
    // NOTE(review): the comment preceding this test describes an expired entry being evicted from
    // the key and token caches and moved to the invalid-token cache, but the verifications below
    // demand zero removals and zero puts. What is exercised is the "token already in the
    // invalid-token cache" path; the comment or the test should be brought into line.
    try {
        // Run as "admin" in the super tenant.
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        carbonContext.setTenantId(MultitenantConstants.SUPER_TENANT_ID);
        carbonContext.setUsername("admin");
        String tenantDomain = "carbon.super";

        APIKeyValidationInfoDTO cachedInfo = new APIKeyValidationInfoDTO();
        cachedInfo.setAuthorized(true);
        // Static stub reporting the DTO as expired. The key cache is never read (see the
        // verification below), so it is unclear that this stub is reached - confirm.
        PowerMockito.when(APIUtil.isAccessTokenExpired(cachedInfo)).thenReturn(true);

        // Mocked collaborators handed to the validator under test.
        AxisConfiguration axisConfiguration = Mockito.mock(AxisConfiguration.class);
        Cache validTokens = Mockito.mock(Cache.class);
        Cache validationInfos = Mockito.mock(Cache.class);
        Cache resources = Mockito.mock(Cache.class);
        Cache rejectedTokens = Mockito.mock(Cache.class);
        APIKeyDataStore keyDataStore = Mockito.mock(APIKeyDataStore.class);
        APIKeyValidator validator = getAPIKeyValidator(axisConfiguration, rejectedTokens, validTokens,
                validationInfos, resources, keyDataStore, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        // The data-store mock is additionally assigned straight to the validator's field.
        validator.dataStore = keyDataStore;

        // Token cache misses; the invalid-token cache already knows this token.
        Mockito.when(validTokens.get(Mockito.anyString())).thenReturn(null);
        Mockito.when(rejectedTokens.get(Mockito.anyString())).thenReturn("carbon.super");
        // These two stubs are set up, but the verifications below require that neither the key
        // cache nor the data store is consulted.
        Mockito.when(validationInfos.get(Mockito.anyString())).thenReturn(cachedInfo);
        Mockito.when(keyDataStore.getAPIKeyData(context, apiVersion, apiKey, authenticationScheme,
                matchingResource, httpVerb, tenantDomain, new ArrayList<>())).thenReturn(cachedInfo);

        // NOTE(review): the returned DTO is discarded; the test never asserts that a token found
        // in the invalid-token cache yields an unauthorized result.
        validator.getKeyValidationInfo(context, apiKey, apiVersion, authenticationScheme, matchingResource,
                httpVerb, defaultVersionInvoked, new ArrayList<>());

        // Lookups: one probe of each token cache, no read of the key cache.
        Mockito.verify(validTokens).get(Mockito.anyString());
        Mockito.verify(rejectedTokens).get(Mockito.anyString());
        Mockito.verify(validationInfos, Mockito.never()).get(Mockito.anyString());

        // Writes: none on any cache.
        Mockito.verify(validTokens, Mockito.never()).put(Mockito.anyString(), Mockito.anyString());
        Mockito.verify(validationInfos, Mockito.never())
                .put(Mockito.any(APIKeyValidationInfoDTO.class), Mockito.anyString());
        Mockito.verify(rejectedTokens, Mockito.never()).put(Mockito.anyString(), Mockito.anyString());

        // Evictions: none on any cache.
        Mockito.verify(validTokens, Mockito.never()).remove(Mockito.anyString());
        Mockito.verify(rejectedTokens, Mockito.never()).remove(Mockito.anyString());
        Mockito.verify(validationInfos, Mockito.never()).remove(Mockito.anyString());

        // The data store is never called for a token already held in the invalid-token cache.
        Mockito.verify(keyDataStore, Mockito.never()).getAPIKeyData(context, apiVersion, apiKey,
                authenticationScheme, matchingResource, httpVerb, tenantDomain, new ArrayList<>());
    } finally {
        // Always leave the tenant flow so the thread-local context does not leak into other tests.
        PrivilegedCarbonContext.endTenantFlow();
    }
}
use of org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator in project carbon-apimgt by wso2.
the class APIKeyValidatorTestCase method testFindMatchingVerbWithValidResources.
/**
 * Exercises {@code findMatchingVerb} twice against a mocked Synapse message context: once on a
 * validator created with {@code createAPIKeyValidator(true, ...)} and once on a validator created
 * with {@code createAPIKeyValidator(false, ...)}.
 *
 * <p>The first call passes if it returns non-null or throws ResourceNotFoundException. The second
 * call must return a list equal to one holding the default VerbInfoDTO.
 *
 * @throws Exception if PowerMockito constructor interception or mock setup fails
 */
@Test
public void testFindMatchingVerbWithValidResources() throws Exception {
    // Message context for API "abc", version "1.0", with empty request path and API context.
    MessageContext synCtx = Mockito.mock(Axis2MessageContext.class);
    Mockito.when(synCtx.getProperty(RESTConstants.SYNAPSE_REST_API_VERSION_STRATEGY)).thenReturn(null);
    Mockito.when(synCtx.getProperty(APIConstants.API_RESOURCE_CACHE_KEY)).thenReturn("abc");
    Mockito.when(synCtx.getProperty(RESTConstants.REST_FULL_REQUEST_PATH)).thenReturn("");
    Mockito.when(synCtx.getProperty(RESTConstants.REST_API_CONTEXT)).thenReturn("");
    Mockito.when(synCtx.getProperty(RESTConstants.SYNAPSE_REST_API_VERSION)).thenReturn("1.0");
    // Underlying Axis2 context reports the HTTP method as GET.
    org.apache.axis2.context.MessageContext axis2MsgCntxt = Mockito.mock(org.apache.axis2.context.MessageContext.class);
    Mockito.when(axis2MsgCntxt.getProperty(Constants.Configuration.HTTP_METHOD)).thenReturn("GET");
    Mockito.when(((Axis2MessageContext) synCtx).getAxis2MessageContext()).thenReturn(axis2MsgCntxt);
    // Unstubbed Resource mock; only used further down, in api.addResource(resource).
    Resource resource = Mockito.mock(Resource.class);
    SynapseConfiguration synapseConfiguration = Mockito.mock(SynapseConfiguration.class);
    Mockito.when(synCtx.getConfiguration()).thenReturn(synapseConfiguration);
    // Mocked API "abc" exposing one resource: methods {GET}, dispatcher helper string "/test".
    API api2 = Mockito.mock(API.class);
    // NOTE(review): this intercepts new API("abc", "/"), the same constructor call made later in
    // this method - whether that later call yields api2 depends on the test class's PowerMock
    // preparation, which is not visible here; confirm.
    PowerMockito.whenNew(API.class).withArguments("abc", "/").thenReturn(api2);
    Mockito.when(synapseConfiguration.getAPI("abc")).thenReturn(api2);
    Resource resource1 = Mockito.mock(Resource.class);
    Mockito.when(resource1.getMethods()).thenReturn(new String[] { "GET" });
    Resource[] resourceArray = new Resource[1];
    resourceArray[0] = resource1;
    // Mockito.when(resourceArray[0]).thenReturn(resource1);
    Mockito.when(api2.getResources()).thenReturn(resourceArray);
    Mockito.when(synCtx.getProperty(Constants.Configuration.HTTP_METHOD)).thenReturn("GET");
    DispatcherHelper helper = Mockito.mock(DispatcherHelper.class);
    Mockito.when(resource1.getDispatcherHelper()).thenReturn(helper);
    Mockito.when(helper.getString()).thenReturn("/test");
    VerbInfoDTO verbInfoDTO = getDefaultVerbInfoDTO();
    // First validator; the meaning of the boolean flag is defined by createAPIKeyValidator, which
    // is outside this listing. URI templates cover "/menu" with GET.
    APIKeyValidator apiKeyValidator = createAPIKeyValidator(true, getDefaultURITemplates("/menu", "GET"), verbInfoDTO);
    try {
        // Test for ResourceNotFoundexception
        // NOTE(review): the exception is tolerated, not required - a non-null return also passes
        // this block, so the "not found" outcome is not actually pinned by the test.
        PowerMockito.mockStatic(Cache.class);
        Cache cache = Mockito.mock(Cache.class);
        // Static mocks for the configuration lookup chain and for the cache provider.
        PowerMockito.mockStatic(org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder.class);
        PowerMockito.mockStatic(APIManagerConfigurationService.class);
        PowerMockito.mockStatic(CacheProvider.class);
        org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder serviceReferenceHolder = Mockito.mock(org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder.class);
        final APIManagerConfiguration apiManagerConfiguration = Mockito.mock(APIManagerConfiguration.class);
        PowerMockito.when(org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder.getInstance()).thenReturn(serviceReferenceHolder);
        APIManagerConfigurationService apiManagerConfigurationService = Mockito.mock(APIManagerConfigurationService.class);
        PowerMockito.when(serviceReferenceHolder.getAPIManagerConfigurationService()).thenReturn(apiManagerConfigurationService);
        PowerMockito.when(apiManagerConfigurationService.getAPIManagerConfiguration()).thenReturn(apiManagerConfiguration);
        // Cache timeout stubbed to 900 and the static resource cache replaced by the mock above.
        CacheProvider cacheProvider = Mockito.mock(CacheProvider.class);
        PowerMockito.when(cacheProvider.getDefaultCacheTimeout()).thenReturn((long) 900);
        Mockito.when(CacheProvider.getResourceCache()).thenReturn(cache);
        assertNotNull(apiKeyValidator.findMatchingVerb(synCtx));
        // todo Mockito.when(synCtx.getProperty(RESTConstants.SYNAPSE_REST_API_VERSION_STRATEGY)).thenReturn("url");
    } catch (ResourceNotFoundException e) {
        // No-op: "assert true" can never fail, so this branch simply accepts the exception.
        assert true;
    } catch (APISecurityException e) {
        fail("APISecurityException is thrown " + e);
    }
    // Second validator, created with the flag set to false; the elected resource is "/menu".
    APIKeyValidator apiKeyValidator1 = createAPIKeyValidator(false, getDefaultURITemplates("/menu", "GET"), verbInfoDTO);
    API api = new API("abc", "/");
    Mockito.when(synCtx.getProperty(APIConstants.API_ELECTED_RESOURCE)).thenReturn("/menu");
    api.addResource(resource);
    // From here on the Synapse configuration returns this API for "abc" instead of api2.
    Mockito.when(synapseConfiguration.getAPI("abc")).thenReturn((api));
    try {
        // Test for matching verb is found path
        // Here both exception types are failures: a verb list must be returned.
        List<VerbInfoDTO> verbInfoList = new ArrayList<>();
        verbInfoList.add(verbInfoDTO);
        assertEquals("", verbInfoList, apiKeyValidator1.findMatchingVerb(synCtx));
    } catch (ResourceNotFoundException e) {
        fail("ResourceNotFoundException exception is thrown " + e);
    } catch (APISecurityException e) {
        fail("APISecurityException is thrown " + e);
    }
}