
Example 86 with AuthenticationContext

Use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

In class ThrottleHandlerTest, method testMsgThrottleOutWhenApplicationLevelIsThrottled.

@Test
public void testMsgThrottleOutWhenApplicationLevelIsThrottled() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    authenticationContext.setApiTier(throttlingTier);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    matchingConditions.add(conditionGroupDTO);
    String applicationLevelThrottleKey = authenticationContext.getApplicationId() + ":" + authenticationContext.getUsername() + "@" + throttleHandler.getTenantDomain();
    // Set application level throttled out
    throttleDataHolder.addThrottleData(applicationLevelThrottleKey, System.currentTimeMillis() + 10000);
    // Should discontinue message flow, when application level is throttled
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
}
Also used: ThrottleDataHolder (org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder), AuthenticationContext (org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext), ArrayList (java.util.ArrayList), MessageContext (org.apache.synapse.MessageContext), Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext), ConditionGroupDTO (org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO), PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest), Test (org.junit.Test)

Example 87 with AuthenticationContext

Use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

In class ThrottleHandlerTest, method testMsgThrottleOutWithUserBlockingConditions.

@Test
public void testMsgThrottleOutWithUserBlockingConditions() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    // Adding a user blocking condition
    throttleDataHolder.addUserBlockingCondition(blockedUserWithTenantDomain, blockedUserWithTenantDomain);
    matchingConditions.add(conditionGroupDTO);
    authenticationContext.setApiTier("Unlimited");
    // When a blocked user is invoking
    authenticationContext.setUsername(blockedUserWithTenantDomain);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    throttleDataHolder.addThrottledAPIKey(resourceLevelThrottleKey, System.currentTimeMillis() + 10000);
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
    // When an unblocked user is invoking
    authenticationContext.setUsername(userWithTenantDomain);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    throttleDataHolder.addThrottledAPIKey(resourceLevelThrottleKey, System.currentTimeMillis() + 10000);
    Assert.assertTrue(throttleHandler.handleRequest(messageContext));
    // When a blocked user without tenant domain in the username is invoking
    authenticationContext.setUsername(blockedUserWithOutTenantDomain);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    throttleDataHolder.addThrottledAPIKey(resourceLevelThrottleKey, System.currentTimeMillis() + 10000);
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
    // Remove the user block condition and use blocked user to invoke
    throttleDataHolder.removeUserBlockingCondition(blockedUserWithTenantDomain);
    authenticationContext.setUsername(blockedUserWithTenantDomain);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    throttleDataHolder.addThrottledAPIKey(resourceLevelThrottleKey, System.currentTimeMillis() + 10000);
    Assert.assertTrue(throttleHandler.handleRequest(messageContext));
}
Also used: ThrottleDataHolder (org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder), AuthenticationContext (org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext), ArrayList (java.util.ArrayList), MessageContext (org.apache.synapse.MessageContext), Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext), ConditionGroupDTO (org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO), PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest), Test (org.junit.Test)

Example 88 with AuthenticationContext

Use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

In class ThrottleHandlerTest, method testMsgThrottleOutWhenSubscriptionLevelIsThrottledAndStopOnQuotaReachIsEnabled.

@Test
public void testMsgThrottleOutWhenSubscriptionLevelIsThrottledAndStopOnQuotaReachIsEnabled() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    authenticationContext.setApiTier(throttlingTier);
    authenticationContext.setStopOnQuotaReach(true);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    matchingConditions.add(conditionGroupDTO);
    String subscriptionLevelThrottleKey = authenticationContext.getApplicationId() + ":" + apiContext + ":" + apiVersion + ":" + authenticationContext.getTier();
    throttleDataHolder.addThrottleData(subscriptionLevelThrottleKey, System.currentTimeMillis() + 10000);
    // Should throttle out and discontinue message flow, when subscription level is throttled out
    // and stop on quota reach is enabled
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
}
Also used: ThrottleDataHolder (org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder), AuthenticationContext (org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext), ArrayList (java.util.ArrayList), MessageContext (org.apache.synapse.MessageContext), Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext), ConditionGroupDTO (org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO), PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest), Test (org.junit.Test)

Example 89 with AuthenticationContext

Use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

In class ThrottleHandlerTest, method testMsgThrottleOutWhenProductionHardThrottlingLimitsThrottled.

@Test
public void testMsgThrottleOutWhenProductionHardThrottlingLimitsThrottled() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator, accessInformation);
    throttleHandler.setProductionMaxCount("100");
    SynapseEnvironment synapseEnvironment = Mockito.mock(SynapseEnvironment.class);
    throttleHandler.init(synapseEnvironment);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    authenticationContext.setApiTier(throttlingTier);
    authenticationContext.setStopOnQuotaReach(false);
    authenticationContext.setKeyType("PRODUCTION");
    authenticationContext.setSpikeArrestLimit(0);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    matchingConditions.add(conditionGroupDTO);
    Mockito.when(accessInformation.isAccessAllowed()).thenReturn(false);
    // Should discontinue message flow if PRODUCTION hard throttling limits are exceeded
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
}
Also used: ThrottleDataHolder (org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder), AuthenticationContext (org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext), SynapseEnvironment (org.apache.synapse.core.SynapseEnvironment), ArrayList (java.util.ArrayList), MessageContext (org.apache.synapse.MessageContext), Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext), ConditionGroupDTO (org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO), PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest), Test (org.junit.Test)

Example 90 with AuthenticationContext

Use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

In class APIThrottleHandlerTest, method testMsgThrottleOutWhenAPILevelQuotaExceeded.

@Test
public void testMsgThrottleOutWhenAPILevelQuotaExceeded() throws XMLStreamException, ThrottleException {
    concurrentAccessController = new ConcurrentAccessController(100);
    configurationContext.setProperty(throttleKey, concurrentAccessController);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    messageContext.setProperty(APIConstants.VERB_INFO_DTO, new VerbInfoDTO());
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().setConfigurationContext(configurationContext);
    TestUtils.loadAPIThrottlingPolicyEntry(String.format(THROTTLING_POLICY_DEFINITION, "ROLE", "Silver", 1, 60000, "true"), THROTTLE_POLICY_KEY, true, 0, messageContext);
    TestUtils.loadAPIThrottlingPolicyEntry(String.format(THROTTLING_POLICY_DEFINITION, "ROLE", "Silver", 1, 60000, "true"), THROTTLE_POLICY_RESOURCE_KEY, true, 0, messageContext);
    messageContext.setProperty(RESPONSE, "false");
    apiThrottleHandler.setPolicyKey(THROTTLE_POLICY_KEY);
    apiThrottleHandler.setPolicyKeyResource(THROTTLE_POLICY_RESOURCE_KEY);
    apiThrottleHandler.setId(throttleID);
    Mockito.when(throttleContext.getThrottleConfiguration()).thenReturn(throttleConfiguration);
    Assert.assertTrue(apiThrottleHandler.handleRequest(messageContext));
    Assert.assertFalse(apiThrottleHandler.handleRequest(messageContext));
}
Also used: AuthenticationContext (org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext), VerbInfoDTO (org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO), ConcurrentAccessController (org.apache.synapse.commons.throttle.core.ConcurrentAccessController), Test (org.junit.Test)
