
Example 16 with InternalAPIKeyAuthenticator

use of org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.InternalAPIKeyAuthenticator in project carbon-apimgt by wso2.

the class InternalAPIKeyAuthenticatorTest method testAuthenticateMissingToken.

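/**
 * Checks the response of {@link InternalAPIKeyAuthenticator#authenticate} when the request
 * carries no internal key: the transport-header map handed to the authenticator is empty.
 *
 * <p>The assertions pin a soft rejection. The response must be unauthenticated and
 * non-mandatory, must be flagged to continue to the next authenticator, and must carry the
 * invalid-credentials error code and message. A regression that reported
 * {@code isAuthenticated() == true} for a request without the header would fail here.
 */
@Test
public void testAuthenticateMissingToken() {
    // Static GatewayUtils calls are stubbed, so claim classification is not under test here.
    PowerMockito.when(GatewayUtils.isInternalKey(Mockito.any(JWTClaimsSet.class))).thenReturn(true);
    InternalAPIKeyAuthenticator internalAPIKeyAuthenticator =
            new InternalAPIKeyAuthenticator(APIMgtGatewayConstants.INTERNAL_KEY);

    MessageContext messageContext = Mockito.mock(Axis2MessageContext.class);
    API api = new API();
    PowerMockito.when(GatewayUtils.getAPI(messageContext)).thenReturn(api);

    // Deliberately empty: no header is added, which is the "missing token" condition.
    TreeMap<String, String> transportHeaders = new TreeMap<>();
    org.apache.axis2.context.MessageContext axis2MsgCntxt =
            Mockito.mock(org.apache.axis2.context.MessageContext.class);
    Mockito.when(axis2MsgCntxt.getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS))
            .thenReturn(transportHeaders);
    Mockito.when(((Axis2MessageContext) messageContext).getAxis2MessageContext()).thenReturn(axis2MsgCntxt);

    AuthenticationResponse authenticate = internalAPIKeyAuthenticator.authenticate(messageContext);

    Assert.assertNotNull(authenticate);
    Assert.assertFalse(authenticate.isMandatoryAuthentication());
    // The security-relevant assertion: a request without the key is never authenticated.
    Assert.assertFalse(authenticate.isAuthenticated());
    Assert.assertTrue(authenticate.isContinueToNextAuthenticator());
    // JUnit's assertEquals takes (expected, actual); this order keeps failure messages accurate.
    Assert.assertEquals(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, authenticate.getErrorCode());
    Assert.assertEquals(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE,
            authenticate.getErrorMessage());
}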
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) OpenAPI(io.swagger.v3.oas.models.OpenAPI) API(org.wso2.carbon.apimgt.keymgt.model.entity.API) MessageContext(org.apache.synapse.MessageContext) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) TreeMap(java.util.TreeMap) AuthenticationResponse(org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationResponse) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 17 with InternalAPIKeyAuthenticator

use of org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.InternalAPIKeyAuthenticator in project carbon-apimgt by wso2.

the class APIAuthenticationHandler method initializeAuthenticators.

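/**
 * Builds the ordered list of {@link Authenticator}s for this handler from the
 * comma-separated {@code apiSecurity} setting.
 *
 * <p>Selection rules, as implemented below:
 * <ul>
 *   <li>{@code apiSecurity == null}: only OAuth protection is switched on.</li>
 *   <li>Otherwise each token is trimmed and compared case-insensitively against the
 *       {@code APIConstants} security-level names. A token that matches none of them is
 *       ignored without any error or log entry.</li>
 *   <li>If mutual SSL is not enabled and the OAuth/basic-auth/API-key mandatory flag was not
 *       set, that flag is forced to {@code true}.</li>
 *   <li>If none of OAuth, basic auth or API key is enabled and the mutual-SSL mandatory flag
 *       was not set, that flag is forced to {@code true}.</li>
 *   <li>An {@link InternalAPIKeyAuthenticator} is always registered, whatever
 *       {@code apiSecurity} contains.</li>
 * </ul>
 * The list is finally sorted by ascending {@code getPriority()}.
 *
 * <p>NOTE(review): when {@code apiSecurity} is non-null but holds no recognised token (an
 * empty string or a misspelt level), the internal-key authenticator is the only one
 * registered. Whether such an API rejects every ordinary request depends on how the caller
 * walks this list, which is not visible here. Confirm that it fails closed.
 */
@edu.umd.cs.findbugs.annotations.SuppressWarnings(value = "LEST_LOST_EXCEPTION_STACK_TRACE", justification = "The exception needs to thrown for fault sequence invocation")
protected void initializeAuthenticators() {
    // NOTE(review): the flag is raised before any authenticator is built. If an init() call
    // below throws, the flag stays true while the list is only partly populated. Confirm that
    // callers cannot proceed with a partial list.
    isAuthenticatorsInitialized = true;

    boolean isOAuthProtected = false;
    boolean isMutualSSLProtected = false;
    boolean isBasicAuthProtected = false;
    boolean isApiKeyProtected = false;
    boolean isMutualSSLMandatory = false;
    boolean isOAuthBasicAuthMandatory = false;

    // Set security conditions
    if (apiSecurity == null) {
        isOAuthProtected = true;
    } else {
        for (String rawLevel : apiSecurity.split(",")) {
            // Trim once per token rather than once per comparison.
            final String level = rawLevel.trim();
            if (level.equalsIgnoreCase(APIConstants.DEFAULT_API_SECURITY_OAUTH2)) {
                isOAuthProtected = true;
            } else if (level.equalsIgnoreCase(APIConstants.API_SECURITY_MUTUAL_SSL)) {
                isMutualSSLProtected = true;
            } else if (level.equalsIgnoreCase(APIConstants.API_SECURITY_BASIC_AUTH)) {
                isBasicAuthProtected = true;
            } else if (level.equalsIgnoreCase(APIConstants.API_SECURITY_MUTUAL_SSL_MANDATORY)) {
                isMutualSSLMandatory = true;
            } else if (level.equalsIgnoreCase(APIConstants.API_SECURITY_OAUTH_BASIC_AUTH_API_KEY_MANDATORY)) {
                isOAuthBasicAuthMandatory = true;
            } else if (level.equalsIgnoreCase(APIConstants.API_SECURITY_API_KEY)) {
                isApiKeyProtected = true;
            }
            // Any other token falls through and is ignored.
        }
    }

    // Without mutual SSL, the application-level schemes must be mandatory; otherwise no
    // scheme would be required at all.
    if (!isMutualSSLProtected && !isOAuthBasicAuthMandatory) {
        isOAuthBasicAuthMandatory = true;
    }
    // Without any application-level scheme, mutual SSL becomes mandatory. The flag is only
    // consumed when isMutualSSLProtected is also true (see the constructor call below).
    if (!isBasicAuthProtected && !isOAuthProtected && !isMutualSSLMandatory && !isApiKeyProtected) {
        isMutualSSLMandatory = true;
    }

    // Set authenticators
    if (isMutualSSLProtected) {
        Authenticator authenticator =
                new MutualSSLAuthenticator(apiLevelPolicy, isMutualSSLMandatory, certificateInformation);
        authenticator.init(synapseEnvironment);
        authenticators.add(authenticator);
    }
    if (isOAuthProtected) {
        Authenticator authenticator = new OAuthAuthenticator(authorizationHeader, isOAuthBasicAuthMandatory,
                removeOAuthHeadersFromOutMessage);
        authenticator.init(synapseEnvironment);
        authenticators.add(authenticator);
    }
    if (isBasicAuthProtected) {
        Authenticator authenticator =
                new BasicAuthAuthenticator(authorizationHeader, isOAuthBasicAuthMandatory, apiLevelPolicy);
        authenticator.init(synapseEnvironment);
        authenticators.add(authenticator);
    }
    if (isApiKeyProtected) {
        Authenticator authenticator = new ApiKeyAuthenticator(APIConstants.API_KEY_HEADER_QUERY_PARAM,
                apiLevelPolicy, isOAuthBasicAuthMandatory);
        authenticator.init(synapseEnvironment);
        authenticators.add(authenticator);
    }

    // Registered unconditionally: every API accepts the internal key as an additional path.
    Authenticator authenticator = new InternalAPIKeyAuthenticator(APIMgtGatewayConstants.INTERNAL_KEY);
    authenticator.init(synapseEnvironment);
    authenticators.add(authenticator);

    // The list order follows ascending priority. comparingInt avoids the int overflow that
    // "o1.getPriority() - o2.getPriority()" produces for widely separated priorities, which
    // would silently reorder the authenticators.
    authenticators.sort(Comparator.comparingInt(Authenticator::getPriority));
}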
Also used : InternalAPIKeyAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.InternalAPIKeyAuthenticator) MutualSSLAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.MutualSSLAuthenticator) BasicAuthAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator) OAuthAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator) OAuthAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator) BasicAuthAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator) InternalAPIKeyAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.InternalAPIKeyAuthenticator) MutualSSLAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.MutualSSLAuthenticator) ApiKeyAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.apikey.ApiKeyAuthenticator) ApiKeyAuthenticator(org.wso2.carbon.apimgt.gateway.handlers.security.apikey.ApiKeyAuthenticator)
