Search in sources :

Example 11 with JSONConfig

use of org.wso2.carbon.apimgt.gateway.threatprotection.configuration.JSONConfig in project carbon-apimgt by wso2.

the class ConfigureJsonAnalyzer method execute.

@Override
public BValue[] execute(Context context) {
    String event = getStringArgument(context, 0);
    // configure json analyzer
    BStruct jsonInfo = ((BStruct) getRefArgument(context, 0));
    if (jsonInfo != null) {
        String jsonPolicyId = jsonInfo.getStringField(0);
        switch(event) {
            case THREAT_PROTECTION_POLICY_ADD:
            case THREAT_PROTECTION_POLICY_UPDATE:
                String name = jsonInfo.getStringField(1);
                int propertyCount = (int) jsonInfo.getIntField(0);
                int stringLength = (int) jsonInfo.getIntField(1);
                int arrayElementCount = (int) jsonInfo.getIntField(2);
                int keyLength = (int) jsonInfo.getIntField(3);
                int maxJSONDepth = (int) jsonInfo.getIntField(4);
                JSONConfig jsonConfig = new JSONConfig();
                jsonConfig.setName(name);
                jsonConfig.setMaxPropertyCount(propertyCount);
                jsonConfig.setMaxStringLength(stringLength);
                jsonConfig.setMaxArrayElementCount(arrayElementCount);
                jsonConfig.setMaxKeyLength(keyLength);
                jsonConfig.setMaxJsonDepth(maxJSONDepth);
                // put into ConfigurationHolder
                ConfigurationHolder.addJsonConfig(jsonPolicyId, jsonConfig);
                break;
            case THREAT_PROTECTION_POLICY_DELETE:
                ConfigurationHolder.removeJsonConfig(jsonPolicyId);
                break;
            default:
                log.warn("Unknown event type for Threat Protection Policy. Event: " + event);
                break;
        }
    }
    return getBValues(new BBoolean(true));
}
Also used : BStruct(org.ballerinalang.model.values.BStruct) BBoolean(org.ballerinalang.model.values.BBoolean) JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)

Example 12 with JSONConfig

use of org.wso2.carbon.apimgt.gateway.threatprotection.configuration.JSONConfig in project carbon-apimgt by wso2.

the class JSONAnalyzerTestCase method testMaxFieldLengthPass.

@Test
public void testMaxFieldLengthPass() throws Exception {
    JSONConfig config = Mockito.mock(JSONConfig.class);
    Mockito.when(config.getMaxKeyLength()).thenReturn(5);
    JSONAnalyzer analyzer = new JSONAnalyzer();
    analyzer.configure(config);
    String jsonString = "{\"abcde\": [1, 2, 3, 4, 5]}";
    analyzer.analyze(jsonString, "/foo");
}
Also used : JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer) JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig) Test(org.testng.annotations.Test)

Example 13 with JSONConfig

use of org.wso2.carbon.apimgt.gateway.threatprotection.configuration.JSONConfig in project carbon-apimgt by wso2.

the class JSONAnalyzerTestCase method testMaxArrayElementCountFail.

@Test(expectedExceptions = APIMThreatAnalyzerException.class)
public void testMaxArrayElementCountFail() throws Exception {
    JSONConfig config = Mockito.mock(JSONConfig.class);
    Mockito.when(config.getMaxArrayElementCount()).thenReturn(5);
    JSONAnalyzer analyzer = new JSONAnalyzer();
    analyzer.configure(config);
    String jsonString = "{\"a\": [1, 2, 3, 4, 5, 6]}";
    analyzer.analyze(jsonString, "/foo");
}
Also used : JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer) JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig) Test(org.testng.annotations.Test)

Example 14 with JSONConfig

use of org.wso2.carbon.apimgt.gateway.threatprotection.configuration.JSONConfig in project carbon-apimgt by wso2.

the class JSONAnalyzerTestCase method testMaxStringLengthInsideAnArrayPass.

@Test
public void testMaxStringLengthInsideAnArrayPass() throws Exception {
    JSONConfig config = Mockito.mock(JSONConfig.class);
    Mockito.when(config.getMaxStringLength()).thenReturn(5);
    JSONAnalyzer analyzer = new JSONAnalyzer();
    analyzer.configure(config);
    String jsonString = "{\"abcdef\": [1, \"12345\", 3, 4, 5, 6]}";
    analyzer.analyze(jsonString, "/foo");
}
Also used : JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer) JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig) Test(org.testng.annotations.Test)

Example 15 with JSONConfig

use of org.wso2.carbon.apimgt.gateway.threatprotection.configuration.JSONConfig in project carbon-apimgt by wso2.

the class JSONAnalyzerTestCase method testJsonDepthAnalyzePass.

@Test
public void testJsonDepthAnalyzePass() throws Exception {
    JSONConfig config = Mockito.mock(JSONConfig.class);
    Mockito.when(config.getMaxJsonDepth()).thenReturn(4);
    JSONAnalyzer analyzer = new JSONAnalyzer();
    analyzer.configure(config);
    String jsonString = "{\"a\": {\"b\": {\"c\": {\"d\": 1}}}}";
    analyzer.analyze(jsonString, "/foo");
}
Also used : JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer) JSONConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig) Test(org.testng.annotations.Test)

Aggregations

JSONConfig (org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)15 Test (org.testng.annotations.Test)13 JSONAnalyzer (org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer)12 JSONConfig (org.wso2.carbon.apimgt.gateway.threatprotection.configuration.JSONConfig)4 IOException (java.io.IOException)3 InputStream (java.io.InputStream)3 Gson (com.google.gson.Gson)2 JsonObject (com.google.gson.JsonObject)2 ByteArrayInputStream (java.io.ByteArrayInputStream)2 Connection (java.sql.Connection)2 PreparedStatement (java.sql.PreparedStatement)2 ResultSet (java.sql.ResultSet)2 SQLException (java.sql.SQLException)2 APIMThreatAnalyzer (org.wso2.carbon.apimgt.gateway.threatprotection.analyzer.APIMThreatAnalyzer)2 Environment (org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.environmentspecificproperty.Environment)2 BufferedInputStream (java.io.BufferedInputStream)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 XMLStreamException (javax.xml.stream.XMLStreamException)1 BBoolean (org.ballerinalang.model.values.BBoolean)1