Example 41 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class APISecurityUtilsTestCase method testSetAuthenticationContext.

public void testSetAuthenticationContext() {
    PowerMockito.mockStatic(ServiceReferenceHolder.class);
    ServiceReferenceHolder serviceReferenceHolder = Mockito.mock(ServiceReferenceHolder.class);
    PowerMockito.when(ServiceReferenceHolder.getInstance()).thenReturn(serviceReferenceHolder);
    APIManagerConfiguration apiMgtConfig = Mockito.mock(APIManagerConfiguration.class);
    Mockito.when(serviceReferenceHolder.getAPIManagerConfiguration()).thenReturn(apiMgtConfig);
    MessageContext messageContext = Mockito.mock(Axis2MessageContext.class);
    AuthenticationContext authenticationContext = Mockito.mock(AuthenticationContext.class);
    Mockito.when(authenticationContext.getKeyType()).thenReturn("keyType");
    APISecurityUtils.setAuthenticationContext(messageContext, authenticationContext, "abc");
    // test when caller token is not null
    Mockito.when(authenticationContext.getCallerToken()).thenReturn("callertoken");
    Mockito.when(messageContext.getProperty(APIConstants.API_KEY_TYPE)).thenReturn("keyType");
    // Axis2MessageContext axis2MessageContext = Mockito.mock(Axis2MessageContext.class);
    org.apache.axis2.context.MessageContext axis2MsgCntxt = Mockito.mock(org.apache.axis2.context.MessageContext.class);
    Mockito.when(((Axis2MessageContext) messageContext).getAxis2MessageContext()).thenReturn(axis2MsgCntxt);
    Map transportHeaders = new HashMap();
    Mockito.when(axis2MsgCntxt.getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS)).thenReturn(transportHeaders);
    APISecurityUtils.setAuthenticationContext(messageContext, authenticationContext, "abc");
    Assert.assertEquals(APISecurityUtils.getAuthenticationContext(messageContext).getCallerToken(), "callertoken");
    Assert.assertEquals("keyType", messageContext.getProperty(APIConstants.API_KEY_TYPE));
    // test for IllegalStateException
    String API_AUTH_CONTEXT = "__API_AUTH_CONTEXT";
    Mockito.when(authenticationContext.getCallerToken()).thenReturn("newCallerToken");
    Mockito.when(messageContext.getProperty(API_AUTH_CONTEXT)).thenReturn("abc");
    APISecurityUtils.setAuthenticationContext(messageContext, authenticationContext, "abc");
    Assert.assertEquals(APISecurityUtils.getAuthenticationContext(messageContext).getCallerToken(), "newCallerToken");
}
Also used : ServiceReferenceHolder(org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder) APIManagerConfiguration(org.wso2.carbon.apimgt.impl.APIManagerConfiguration) HashMap(java.util.HashMap) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) Map(java.util.Map)

Example 42 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleConditionEvaluatorTest method testGetThrottledInConditionWithJWTCondition.

@Test
public void testGetThrottledInConditionWithJWTCondition() {
    ThrottleProperties throttleProperties = new ThrottleProperties();
    throttleProperties.setEnableJwtConditions(true);
    String jwt = "eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ3c28yLm9yZy9wcm9kdWN0cy9hbSIsImV4cCI6MTM0NTE4MzQ5MjE4MSwiaHR0cDov" + "L3dzbzIub3JnL2NsYWltcy9hYmMiOiJjZGUiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2JjZCI6Inh5eiJ9.9zGU062DJ5mQ5hne" + "41h4IRpLbaY_b5thRxb3feebOcA";
    AuthenticationContext authenticationContext = new AuthenticationContext();
    authenticationContext.setCallerToken(jwt);
    ServiceReferenceHolder.getInstance().setThrottleProperties(throttleProperties);
    MessageContext messageContext = TestUtils.getMessageContext(apiContext, apiVersion);
    Map<String, List<ConditionDto>> conditionMap = new HashMap<>();
    conditionMap.put("condition1", Arrays.asList(new ConditionDto[] { getJWTCondition(false) }));
    conditionMap.put("default", Arrays.asList(new ConditionDto[] { getJWTCondition(false) }));
    String condition = throttleConditionEvaluator.getThrottledInCondition(messageContext, authenticationContext, conditionMap);
    Assert.assertEquals(condition, "condition1");
}
Also used : AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) HashMap(java.util.HashMap) ConditionDto(org.wso2.carbon.apimgt.impl.dto.ConditionDto) List(java.util.List) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) ThrottleProperties(org.wso2.carbon.apimgt.impl.dto.ThrottleProperties) Test(org.junit.Test)

Example 43 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleConditionEvaluatorTest method testRetrievingDefaultThrottlingConditionGroupWhenConditionGroupsAreNotAvailable.

@Test
public void testRetrievingDefaultThrottlingConditionGroupWhenConditionGroupsAreNotAvailable() {
    ConditionGroupDTO[] conditionGroupDTOS = { defaultConditionGroupDTO };
    List<ConditionGroupDTO> conditionGroupDTOList = throttleConditionEvaluator.getApplicableConditions(TestUtils.getMessageContext(apiContext, apiVersion), new AuthenticationContext(), conditionGroupDTOS);
    Assert.assertEquals(conditionGroupDTOList.size(), 1);
    Assert.assertEquals(conditionGroupDTOList.get(0).getConditionGroupId(), THROTTLE_POLICY_DEFAULT);
}
Also used : AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) ConditionGroupDTO(org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) Test(org.junit.Test)

Example 44 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleConditionEvaluatorTest method testRetrievingEmptyApplicableConditionsWhenDefaultAndConditionGroupsAreNotAvailable.

@Test
public void testRetrievingEmptyApplicableConditionsWhenDefaultAndConditionGroupsAreNotAvailable() {
    ConditionGroupDTO[] conditionGroupDTOS = new ConditionGroupDTO[0];
    List<ConditionGroupDTO> conditionGroupDTOList = throttleConditionEvaluator.getApplicableConditions(TestUtils.getMessageContext(apiContext, apiVersion), new AuthenticationContext(), conditionGroupDTOS);
    // Should return empty Condition group in the Condition group array
    Assert.assertNull(conditionGroupDTOList.get(0));
}
Also used : AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) ConditionGroupDTO(org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) Test(org.junit.Test)

Example 45 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project carbon-apimgt by wso2.

the class ThrottleConditionEvaluatorTest method testApplicabilityOfNotMatchingHeaderCondition.

@Test
public void testApplicabilityOfNotMatchingHeaderCondition() {
    ConditionGroupDTO conditionGroupDTO = new ConditionGroupDTO();
    conditionGroupDTO.setConditionGroupId("HeaderConditionGroup");
    ConditionDTO notMatchingCondition = new ConditionDTO();
    notMatchingCondition.setConditionType("Header");
    notMatchingCondition.setConditionName("host");
    notMatchingCondition.setConditionValue("org.ibm.com");
    ConditionDTO[] conditionDTOS = { notMatchingCondition };
    conditionGroupDTO.setConditions(conditionDTOS);
    ConditionGroupDTO[] conditionGroupDTOS = { conditionGroupDTO };
    AuthenticationContext authenticationContext = new AuthenticationContext();
    authenticationContext.setCallerToken(JWTToken);
    MessageContext messageContext = TestUtils.getMessageContext(apiContext, apiVersion);
    Map map = new TreeMap();
    map.put("host", "org.wso2.com");
    ((Axis2MessageContext) messageContext).getAxis2MessageContext().setProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS, map);
    List<ConditionGroupDTO> matchingConditionGroups = throttleConditionEvaluator.getApplicableConditions(messageContext, authenticationContext, conditionGroupDTOS);
    Assert.assertNull(matchingConditionGroups.get(0));
}
Also used : AuthenticationContext(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) ConditionDTO(org.wso2.carbon.apimgt.api.dto.ConditionDTO) ConditionGroupDTO(org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) TreeMap(java.util.TreeMap) HashMap(java.util.HashMap) Map(java.util.Map) Test(org.junit.Test)
