Search in sources :

Example 31 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleHandlerTest method testMsgThrottleOutWhenCustomThrottlingLimitExceeded.

@Test
public void testMsgThrottleOutWhenCustomThrottlingLimitExceeded() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator, accessInformation);
    throttleHandler.setProductionMaxCount("100");
    SynapseEnvironment synapseEnvironment = Mockito.mock(SynapseEnvironment.class);
    throttleHandler.init(synapseEnvironment);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    authenticationContext.setApiTier(throttlingTier);
    authenticationContext.setSpikeArrestLimit(0);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    Mockito.when(accessInformation.isAccessAllowed()).thenReturn(false);
    matchingConditions.add(conditionGroupDTO);
    throttleDataHolder.addKeyTemplate("$user", "$user");
    throttleDataHolder.addKeyTemplate("testKeyTemplate", "testKeyTemplateValue");
    throttleDataHolder.addThrottleData("testKeyTemplate", System.currentTimeMillis() + 10000);
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
    throttleDataHolder.removeKeyTemplate("testKeyTemplate");
    Assert.assertTrue(throttleHandler.handleRequest(messageContext));
}
Also used : ThrottleDataHolder(org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder) AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) SynapseEnvironment(org.apache.synapse.core.SynapseEnvironment) ArrayList(java.util.ArrayList) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) ConditionGroupDTO(org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 32 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleHandlerTest method testCheckForStaledThrottleData.

@Test
public void testCheckForStaledThrottleData() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ServiceReferenceHolder.getInstance().setThrottleDataPublisher(new ThrottleDataPublisher());
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator, accessInformation);
    throttleHandler.setProductionMaxCount("100");
    SynapseEnvironment synapseEnvironment = Mockito.mock(SynapseEnvironment.class);
    throttleHandler.init(synapseEnvironment);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    authenticationContext.setApiTier(throttlingTier);
    authenticationContext.setSpikeArrestLimit(0);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    Mockito.when(accessInformation.isAccessAllowed()).thenReturn(false);
    matchingConditions.add(conditionGroupDTO);
    throttleDataHolder.addKeyTemplate("testKeyTemplate", "testKeyTemplateValue");
    throttleDataHolder.addThrottleData("testKeyTemplate", System.currentTimeMillis() - 10000);
    Assert.assertTrue(throttleHandler.handleRequest(messageContext));
}
Also used : ThrottleDataHolder(org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder) AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) ThrottleDataPublisher(org.wso2.carbon.apimgt.gateway.throttling.publisher.ThrottleDataPublisher) SynapseEnvironment(org.apache.synapse.core.SynapseEnvironment) ArrayList(java.util.ArrayList) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) ConditionGroupDTO(org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 33 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleHandlerTest method testMsgThrottleOutWhenHardThrottlingFailedWithThrottleException.

@Test
public void testMsgThrottleOutWhenHardThrottlingFailedWithThrottleException() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator, accessInformation);
    throttleHandler.setProductionMaxCount("100");
    SynapseEnvironment synapseEnvironment = Mockito.mock(SynapseEnvironment.class);
    throttleHandler.init(synapseEnvironment);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    authenticationContext.setApiTier(throttlingTier);
    authenticationContext.setKeyType("SANDBOX");
    authenticationContext.setSpikeArrestLimit(0);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    matchingConditions.add(conditionGroupDTO);
    // Throw ThrottleException while retrieving access information
    Mockito.doThrow(ThrottleException.class).when(accessInformation).isAccessAllowed();
    // Should discontinue message flow, when an exception is thrown during hard limit throttling information
    // process time
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
}
Also used : ThrottleDataHolder(org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder) AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) SynapseEnvironment(org.apache.synapse.core.SynapseEnvironment) ArrayList(java.util.ArrayList) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) ConditionGroupDTO(org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 34 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleHandlerTest method testMsgThrottleOutWhenSandBoxHardThrottlingLimitsThrottled.

@Test
public void testMsgThrottleOutWhenSandBoxHardThrottlingLimitsThrottled() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator, accessInformation);
    throttleHandler.setSandboxMaxCount("100");
    SynapseEnvironment synapseEnvironment = Mockito.mock(SynapseEnvironment.class);
    throttleHandler.init(synapseEnvironment);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    authenticationContext.setApiTier(throttlingTier);
    authenticationContext.setStopOnQuotaReach(false);
    authenticationContext.setKeyType("SANDBOX");
    authenticationContext.setSpikeArrestLimit(0);
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    matchingConditions.add(conditionGroupDTO);
    String subscriptionLevelThrottleKey = authenticationContext.getApplicationId() + ":" + apiContext + ":" + apiVersion;
    String applicationLevelThrottleKey = authenticationContext.getApplicationId() + ":" + authenticationContext.getUsername() + "@" + throttleHandler.getTenantDomain();
    String combinedResourceLevelThrottleKey = resourceLevelThrottleKey + conditionGroupDTO.getConditionGroupId();
    // Mockito.when(throttleDataHolder.isThrottled(combinedResourceLevelThrottleKey)).thenReturn(false);
    // Mockito.when(throttleDataHolder.isThrottled(subscriptionLevelThrottleKey)).thenReturn(false);
    // Mockito.when(throttleDataHolder.isThrottled(applicationLevelThrottleKey)).thenReturn(false);
    // Mockito.when(throttleDataHolder.isKeyTemplatesPresent()).thenReturn(false);
    // Mockito.when(accessInformation.isAccessAllowed()).thenReturn(false);
    // Should discontinue message flow if SANDBOX hard throttling limits are exceeded
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
}
Also used : ThrottleDataHolder(org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder) AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) SynapseEnvironment(org.apache.synapse.core.SynapseEnvironment) ArrayList(java.util.ArrayList) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) ConditionGroupDTO(org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 35 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleHandlerTest method testMsgThrottleOutWhenResourceLevelIsThrottled.

@Test
public void testMsgThrottleOutWhenResourceLevelIsThrottled() {
    ThrottleDataHolder throttleDataHolder = new ThrottleDataHolder();
    ThrottleHandler throttleHandler = new ThrottlingHandlerWrapper(timer, throttleDataHolder, throttleEvaluator);
    MessageContext messageContext = TestUtils.getMessageContextWithAuthContext(apiContext, apiVersion);
    messageContext.setProperty(VERB_INFO_DTO, verbInfoDTO);
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(API_AUTH_CONTEXT);
    authenticationContext.setApiTier("Unlimited");
    messageContext.setProperty(API_AUTH_CONTEXT, authenticationContext);
    verbInfo.setConditionGroups(conditionGroupDTOs);
    ArrayList<ConditionGroupDTO> matchingConditions = new ArrayList<>();
    matchingConditions.add(conditionGroupDTO);
    String combinedResourceLevelThrottleKey = resourceLevelThrottleKey + conditionGroupDTO.getConditionGroupId();
    throttleDataHolder.addThrottledAPIKey(resourceLevelThrottleKey, System.currentTimeMillis() + 10000);
    throttleDataHolder.addThrottleData(combinedResourceLevelThrottleKey, System.currentTimeMillis() + 10000);
    Mockito.when(throttleEvaluator.getApplicableConditions(messageContext, authenticationContext, conditionGroupDTOs)).thenReturn(matchingConditions);
    // Should throttle out and discontinue message flow, when resource level is throttled out
    Assert.assertFalse(throttleHandler.handleRequest(messageContext));
}
Also used : ThrottleDataHolder(org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder) AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) ArrayList(java.util.ArrayList) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) ConditionGroupDTO(org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Aggregations

AuthenticationContext (org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext)96 Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext)69 Test (org.junit.Test)69 MessageContext (org.apache.synapse.MessageContext)56 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)49 ArrayList (java.util.ArrayList)31 ConditionGroupDTO (org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO)31 TreeMap (java.util.TreeMap)22 VerbInfoDTO (org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO)22 API (org.wso2.carbon.apimgt.keymgt.model.entity.API)21 HashMap (java.util.HashMap)19 Cache (javax.cache.Cache)18 Test (org.testng.annotations.Test)18 AuthenticationContext (org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext)18 ThrottleProperties (org.wso2.carbon.apimgt.impl.dto.ThrottleProperties)17 SignedJWT (com.nimbusds.jwt.SignedJWT)16 ConditionDTO (org.wso2.carbon.apimgt.api.dto.ConditionDTO)16 ThrottleDataHolder (org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder)16 APISecurityException (org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException)15 APIKeyValidationInfoDTO (org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO)14