use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.
the class ThrottleConditionEvaluatorTest method testApplicabilityOfNonMatchingIPRangeCondition.
@Test
public void testApplicabilityOfNonMatchingIPRangeCondition() {
    // IPRange condition: name holds the lower bound, value the upper bound (10.10.0.1 - 10.10.0.4).
    // Per the original author's note, the request address used by the fixture is 127.0.0.1,
    // which lies outside that range, so the group must not be reported as applicable.
    ConditionDTO outOfRangeCondition = new ConditionDTO();
    outOfRangeCondition.setConditionType("IPRange");
    outOfRangeCondition.setConditionName("10.10.0.1");
    outOfRangeCondition.setConditionValue("10.10.0.4");

    ConditionGroupDTO ipRangeGroup = new ConditionGroupDTO();
    ipRangeGroup.setConditionGroupId("IPRangeConditionGroup");
    ipRangeGroup.setConditions(new ConditionDTO[] { outOfRangeCondition });

    ConditionGroupDTO[] candidateGroups = { ipRangeGroup };
    List<ConditionGroupDTO> applicable = throttleConditionEvaluator.getApplicableConditions(
            TestUtils.getMessageContext(apiContext, apiVersion),
            new AuthenticationContext(),
            candidateGroups);

    // The test expects a null entry in slot 0 for the non-matching group.
    Assert.assertNull(applicable.get(0));
}
use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.
the class ThrottleConditionEvaluatorTest method testApplicabilityOfInvertedIPSpecificCondition.
@Test
public void testApplicabilityOfInvertedIPSpecificCondition() {
    // IPSpecific condition for 127.0.0.1 with the invert flag set: the test expects the
    // group not to be applicable for the fixture request.
    ConditionDTO invertedIpCondition = new ConditionDTO();
    invertedIpCondition.setConditionType("IPSpecific");
    invertedIpCondition.setConditionValue("127.0.0.1");
    // isInverted(boolean) is the setter form on ConditionDTO, not a getter call.
    invertedIpCondition.isInverted(true);

    ConditionGroupDTO ipSpecificGroup = new ConditionGroupDTO();
    ipSpecificGroup.setConditionGroupId("IPSpecificConditionGroup");
    ipSpecificGroup.setConditions(new ConditionDTO[] { invertedIpCondition });

    ConditionGroupDTO[] candidateGroups = { ipSpecificGroup };
    List<ConditionGroupDTO> applicable = throttleConditionEvaluator.getApplicableConditions(
            TestUtils.getMessageContext(apiContext, apiVersion),
            new AuthenticationContext(),
            candidateGroups);

    // Slot 0 must be null: the inverted condition excludes the fixture request.
    Assert.assertNull(applicable.get(0));
}
use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.
the class ThrottleConditionEvaluatorTest method testGetThrottledInConditionWithJWTConditionInvert.
@Test
public void testGetThrottledInConditionWithJWTConditionInvert() {
    // JWT-claim conditions are only evaluated when enabled in the throttle properties.
    ThrottleProperties jwtEnabledProperties = new ThrottleProperties();
    jwtEnabledProperties.setEnableJwtConditions(true);
    ServiceReferenceHolder.getInstance().setThrottleProperties(jwtEnabledProperties);

    // Fixture token (header declares HS256) handed to the evaluator as the caller token.
    // NOTE(review): this test does not show whether the evaluator verifies the signature
    // before reading claims - confirm that throttling decisions never rely on unverified claims.
    String callerJwt = "eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ3c28yLm9yZy9wcm9kdWN0cy9hbSIsImV4cCI6MTM0NTE4MzQ5MjE4MSwiaHR0cDov"
            + "L3dzbzIub3JnL2NsYWltcy9hYmMiOiJjZGUiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2JjZCI6Inh5eiJ9.9zGU062DJ5mQ5hne"
            + "41h4IRpLbaY_b5thRxb3feebOcA";
    AuthenticationContext callerContext = new AuthenticationContext();
    callerContext.setCallerToken(callerJwt);

    MessageContext requestContext = TestUtils.getMessageContext(apiContext, apiVersion);

    // Both entries carry the same inverted JWT condition.
    Map<String, List<ConditionDto>> conditionsByKey = new HashMap<>();
    conditionsByKey.put("condition1", Arrays.asList(getJWTCondition(true)));
    conditionsByKey.put("default", Arrays.asList(getJWTCondition(true)));

    String throttledIn = throttleConditionEvaluator.getThrottledInCondition(
            requestContext, callerContext, conditionsByKey);

    // With the condition inverted, the evaluator is expected to fall back to "default".
    Assert.assertEquals(throttledIn, "default");
}
use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.
the class InboundWebsocketProcessorUtil method authenticateWSJWTToken.
/**
* Authenticates JWT token in incoming Websocket handshake requests.
*
* @param inboundMessageContext InboundMessageContext
* @return true if authenticated
* @throws APIManagementException if an internal error occurs
* @throws APISecurityException if authentication fails
*/
public static boolean authenticateWSJWTToken(InboundMessageContext inboundMessageContext)
        throws APIManagementException, APISecurityException {
    // The validator is built for the tenant domain carried by the inbound context.
    APIKeyValidator keyValidator = new APIKeyValidator();
    JWTValidator tenantJwtValidator =
            new JWTValidator(keyValidator, inboundMessageContext.getTenantDomain());

    // Validate the signed JWT against the API context, version and matched resource.
    AuthenticationContext wsAuthContext = tenantJwtValidator.authenticateForWebSocket(
            inboundMessageContext.getSignedJWTInfo(),
            inboundMessageContext.getApiContext(),
            inboundMessageContext.getVersion(),
            inboundMessageContext.getMatchingResource());

    // The final decision is made by validateAuthenticationContext on the resulting context.
    return validateAuthenticationContext(wsAuthContext, inboundMessageContext);
}
use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.
the class InboundWebsocketProcessorUtil method authenticateGraphQLJWTToken.
/**
* Authenticates JWT token in incoming GraphQL subscription requests.
*
* @param inboundMessageContext InboundMessageContext
* @return true if authenticated
* @throws APIManagementException if an internal error occurs
* @throws APISecurityException if authentication fails
*/
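public static boolean authenticateGraphQLJWTToken(InboundMessageContext inboundMessageContext)
        throws APIManagementException, APISecurityException {
    // Resolve the tenant domain before opening the flow so a failure here leaves nothing to unwind.
    String tenantDomain = inboundMessageContext.getTenantDomain();

    // startTenantFlow() changes the thread-local carbon context. It must be paired with
    // endTenantFlow() on every exit path; otherwise the tenant domain set below stays on the
    // worker thread after a return or an APISecurityException and can be seen by whatever
    // request that thread serves next.
    PrivilegedCarbonContext.startTenantFlow();
    try {
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);

        JWTValidator jwtValidator = new JWTValidator(new APIKeyValidator(), tenantDomain);
        AuthenticationContext authenticationContext = jwtValidator.authenticateForGraphQLSubscription(
                inboundMessageContext.getSignedJWTInfo(),
                inboundMessageContext.getApiContext(),
                inboundMessageContext.getVersion());

        // The final decision is made by validateAuthenticationContext, still inside the tenant flow.
        return validateAuthenticationContext(authenticationContext, inboundMessageContext);
    } finally {
        // Restore the previous carbon context whether authentication succeeded or threw.
        PrivilegedCarbonContext.endTenantFlow();
    }
}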