Examples with MutualSSLAuthenticator org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.MutualSSLAuthenticator used on opensource projects

Example 1 with MutualSSLAuthenticator

use of org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.MutualSSLAuthenticator in project carbon-apimgt by wso2.

the class APIAuthenticationHandler method initializeAuthenticators.

@edu.umd.cs.findbugs.annotations.SuppressWarnings(value = "LEST_LOST_EXCEPTION_STACK_TRACE", justification = "The exception needs to thrown for fault sequence invocation")
protected void initializeAuthenticators() {
    isAuthenticatorsInitialized = true;
    boolean isOAuthProtected = false;
    boolean isMutualSSLProtected = false;
    boolean isBasicAuthProtected = false;
    boolean isApiKeyProtected = false;
    boolean isMutualSSLMandatory = false;
    boolean isOAuthBasicAuthMandatory = false;
    // Set security conditions
    if (apiSecurity == null) {
        isOAuthProtected = true;
    } else {
        String[] apiSecurityLevels = apiSecurity.split(",");
        for (String apiSecurityLevel : apiSecurityLevels) {
            if (apiSecurityLevel.trim().equalsIgnoreCase(APIConstants.DEFAULT_API_SECURITY_OAUTH2)) {
                isOAuthProtected = true;
            } else if (apiSecurityLevel.trim().equalsIgnoreCase(APIConstants.API_SECURITY_MUTUAL_SSL)) {
                isMutualSSLProtected = true;
            } else if (apiSecurityLevel.trim().equalsIgnoreCase(APIConstants.API_SECURITY_BASIC_AUTH)) {
                isBasicAuthProtected = true;
            } else if (apiSecurityLevel.trim().equalsIgnoreCase(APIConstants.API_SECURITY_MUTUAL_SSL_MANDATORY)) {
                isMutualSSLMandatory = true;
            } else if (apiSecurityLevel.trim().equalsIgnoreCase(APIConstants.API_SECURITY_OAUTH_BASIC_AUTH_API_KEY_MANDATORY)) {
                isOAuthBasicAuthMandatory = true;
            } else if (apiSecurityLevel.trim().equalsIgnoreCase((APIConstants.API_SECURITY_API_KEY))) {
                isApiKeyProtected = true;
            }
        }
    }
    if (!isMutualSSLProtected && !isOAuthBasicAuthMandatory) {
        isOAuthBasicAuthMandatory = true;
    }
    if (!isBasicAuthProtected && !isOAuthProtected && !isMutualSSLMandatory && !isApiKeyProtected) {
        isMutualSSLMandatory = true;
    }
    // Set authenticators
    if (isMutualSSLProtected) {
        Authenticator authenticator = new MutualSSLAuthenticator(apiLevelPolicy, isMutualSSLMandatory, certificateInformation);
        authenticator.init(synapseEnvironment);
        authenticators.add(authenticator);
    }
    if (isOAuthProtected) {
        Authenticator authenticator = new OAuthAuthenticator(authorizationHeader, isOAuthBasicAuthMandatory, removeOAuthHeadersFromOutMessage);
        authenticator.init(synapseEnvironment);
        authenticators.add(authenticator);
    }
    if (isBasicAuthProtected) {
        Authenticator authenticator = new BasicAuthAuthenticator(authorizationHeader, isOAuthBasicAuthMandatory, apiLevelPolicy);
        authenticator.init(synapseEnvironment);
        authenticators.add(authenticator);
    }
    if (isApiKeyProtected) {
        Authenticator authenticator = new ApiKeyAuthenticator(APIConstants.API_KEY_HEADER_QUERY_PARAM, apiLevelPolicy, isOAuthBasicAuthMandatory);
        authenticator.init(synapseEnvironment);
        authenticators.add(authenticator);
    }
    Authenticator authenticator = new InternalAPIKeyAuthenticator(APIMgtGatewayConstants.INTERNAL_KEY);
    authenticator.init(synapseEnvironment);
    authenticators.add(authenticator);
    authenticators.sort(new Comparator<Authenticator>() {

        @Override
        public int compare(Authenticator o1, Authenticator o2) {
            return (o1.getPriority() - o2.getPriority());
        }
    });
}