use of org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO in project carbon-apimgt by wso2.
the class GatewayUtils method generateJWTInfoDto.
public static JWTInfoDto generateJWTInfoDto(JSONObject subscribedAPI, JWTValidationInfo jwtValidationInfo, APIKeyValidationInfoDTO apiKeyValidationInfoDTO, org.apache.synapse.MessageContext synCtx) {
JWTInfoDto jwtInfoDto = new JWTInfoDto();
jwtInfoDto.setJwtValidationInfo(jwtValidationInfo);
// jwtInfoDto.setMessageContext(synCtx);
String apiContext = (String) synCtx.getProperty(RESTConstants.REST_API_CONTEXT);
String apiVersion = (String) synCtx.getProperty(RESTConstants.SYNAPSE_REST_API_VERSION);
jwtInfoDto.setApiContext(apiContext);
jwtInfoDto.setVersion(apiVersion);
constructJWTContent(subscribedAPI, apiKeyValidationInfoDTO, jwtInfoDto);
return jwtInfoDto;
}
use of org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO in project carbon-apimgt by wso2.
the class UtilsTestCase method testHasAccessTokenExpired.
@Test
public void testHasAccessTokenExpired() {
APIKeyValidationInfoDTO apiKeyValidationInfoDTO = Mockito.mock(APIKeyValidationInfoDTO.class);
Assert.assertTrue(Utils.hasAccessTokenExpired(apiKeyValidationInfoDTO));
// test for active access token by seting timestamp to 1027/10/13 0:9:18 GMT
Mockito.when(apiKeyValidationInfoDTO.getIssuedTime()).thenReturn(1823386158000L);
Mockito.when(apiKeyValidationInfoDTO.getEndUserToken()).thenReturn("endusertoken");
Assert.assertFalse(Utils.hasAccessTokenExpired(apiKeyValidationInfoDTO));
// test when accessTokenDO.getValidityPeriod() == Long.MAX_VALUE
Mockito.when(apiKeyValidationInfoDTO.getValidityPeriod()).thenReturn(Long.MAX_VALUE);
Assert.assertFalse(Utils.hasAccessTokenExpired(apiKeyValidationInfoDTO));
}
use of org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO in project carbon-apimgt by wso2.
the class APIKeyValidatorTestCase method testCheckForExpiredTokenWhileTokenInCache.
// Token is expired in cache
// Expectation : token get from token cache then get from key cache check token is expiry
// remove from key cache remove from token cache put into invalid token cache
@Test
public void testCheckForExpiredTokenWhileTokenInCache() throws APISecurityException {
try {
String tenantDomain = "carbon.super";
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername("admin");
APIKeyValidationInfoDTO apiKeyValidationInfoDTO = new APIKeyValidationInfoDTO();
apiKeyValidationInfoDTO.setAuthorized(true);
PowerMockito.when(APIUtil.isAccessTokenExpired(apiKeyValidationInfoDTO)).thenReturn(true);
AxisConfiguration axisConfiguration = Mockito.mock(AxisConfiguration.class);
Cache tokenCache = Mockito.mock(Cache.class);
Cache keyCache = Mockito.mock(Cache.class);
Cache resourceCache = Mockito.mock(Cache.class);
Cache invalidTokenCache = Mockito.mock(Cache.class);
APIKeyDataStore apiKeyDataStore = Mockito.mock(APIKeyDataStore.class);
APIKeyValidator apiKeyValidator = getAPIKeyValidator(axisConfiguration, invalidTokenCache, tokenCache, keyCache, resourceCache, apiKeyDataStore, "abc.com");
Mockito.when(tokenCache.get(Mockito.anyString())).thenReturn("carbon.super");
Mockito.when(keyCache.get(Mockito.anyString())).thenReturn(apiKeyValidationInfoDTO);
Mockito.when(apiKeyDataStore.getAPIKeyData(context, apiVersion, apiKey, authenticationScheme, matchingResource, httpVerb, tenantDomain, new ArrayList<>())).thenReturn(apiKeyValidationInfoDTO);
apiKeyValidator.getKeyValidationInfo(context, apiKey, apiVersion, authenticationScheme, matchingResource, httpVerb, defaultVersionInvoked, new ArrayList<>());
Mockito.verify(tokenCache, Mockito.times(1)).get(Mockito.anyString());
Mockito.verify(invalidTokenCache, Mockito.times(0)).get(Mockito.anyString());
Mockito.verify(keyCache, Mockito.times(1)).get(Mockito.anyString());
Mockito.verify(tokenCache, Mockito.times(0)).put(Mockito.anyString(), Mockito.anyString());
Mockito.verify(keyCache, Mockito.times(0)).put(Mockito.any(APIKeyValidationInfoDTO.class), Mockito.anyString());
Mockito.verify(invalidTokenCache, Mockito.times(1)).put(Mockito.anyString(), Mockito.anyString());
Mockito.verify(tokenCache, Mockito.times(1)).remove(Mockito.anyString());
Mockito.verify(invalidTokenCache, Mockito.times(0)).remove(Mockito.anyString());
Mockito.verify(keyCache, Mockito.times(1)).remove(Mockito.anyString());
Mockito.verify(apiKeyDataStore, Mockito.times(0)).getAPIKeyData(context, apiVersion, apiKey, authenticationScheme, matchingResource, httpVerb, tenantDomain, new ArrayList<>());
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
use of org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO in project carbon-apimgt by wso2.
the class APIKeyValidatorTestCase method testCheckForValidTokenWhileTokenInCache.
// Token is valid in cache
// Expectation : token get from token cache is not null then get from key cache check token is expired then send
// Token not accessed or insert into invalid token cache
@Test
public void testCheckForValidTokenWhileTokenInCache() throws APISecurityException {
try {
String tenantDomain = "carbon.super";
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername("admin");
APIKeyValidationInfoDTO apiKeyValidationInfoDTO = new APIKeyValidationInfoDTO();
apiKeyValidationInfoDTO.setAuthorized(true);
PowerMockito.when(APIUtil.isAccessTokenExpired(apiKeyValidationInfoDTO)).thenReturn(false);
AxisConfiguration axisConfiguration = Mockito.mock(AxisConfiguration.class);
Cache tokenCache = Mockito.mock(Cache.class);
Cache keyCache = Mockito.mock(Cache.class);
Cache resourceCache = Mockito.mock(Cache.class);
Cache invalidTokenCache = Mockito.mock(Cache.class);
APIKeyDataStore apiKeyDataStore = Mockito.mock(APIKeyDataStore.class);
APIKeyValidator apiKeyValidator = getAPIKeyValidator(axisConfiguration, invalidTokenCache, tokenCache, keyCache, resourceCache, apiKeyDataStore, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
Mockito.when(tokenCache.get(Mockito.anyString())).thenReturn("carbon.super");
Mockito.when(keyCache.get(Mockito.anyString())).thenReturn(apiKeyValidationInfoDTO);
apiKeyValidator.getKeyValidationInfo(context, apiKey, apiVersion, authenticationScheme, matchingResource, httpVerb, defaultVersionInvoked, new ArrayList<>());
Mockito.verify(tokenCache, Mockito.times(1)).get(Mockito.anyString());
Mockito.verify(invalidTokenCache, Mockito.times(0)).get(Mockito.anyString());
Mockito.verify(keyCache, Mockito.times(1)).get(Mockito.anyString());
Mockito.verify(tokenCache, Mockito.times(0)).put(Mockito.anyString(), Mockito.anyString());
Mockito.verify(keyCache, Mockito.times(0)).put(Mockito.any(APIKeyValidationInfoDTO.class), Mockito.anyString());
Mockito.verify(invalidTokenCache, Mockito.times(0)).put(Mockito.anyString(), Mockito.anyString());
Mockito.verify(tokenCache, Mockito.times(0)).remove(Mockito.anyString());
Mockito.verify(invalidTokenCache, Mockito.times(0)).remove(Mockito.anyString());
Mockito.verify(keyCache, Mockito.times(0)).remove(Mockito.anyString());
Mockito.verify(apiKeyDataStore, Mockito.times(0)).getAPIKeyData(context, apiVersion, apiKey, authenticationScheme, matchingResource, httpVerb, tenantDomain, new ArrayList<>());
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
use of org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO in project carbon-apimgt by wso2.
the class APIKeyValidatorTestCase method createAPIKeyValidator.
/*
* This method will create an instance of APIKeyValidator
* */
private APIKeyValidator createAPIKeyValidator(final boolean isWithEmptyCache, final ArrayList<URITemplate> urlTemplates, final VerbInfoDTO verbInfoDTO) {
AxisConfiguration axisConfig = Mockito.mock(AxisConfiguration.class);
List<VerbInfoDTO> verbInfoDTOList = new ArrayList<>();
verbInfoDTOList.add(verbInfoDTO);
return new APIKeyValidator() {
@Override
protected APIManagerConfiguration getApiManagerConfiguration() {
APIManagerConfiguration configuration = Mockito.mock(APIManagerConfiguration.class);
Mockito.when(configuration.getFirstProperty(APIConstants.TOKEN_CACHE_EXPIRY)).thenReturn("900");
Mockito.when(configuration.getFirstProperty(APIConstants.GATEWAY_TOKEN_CACHE_ENABLED)).thenReturn("true");
Mockito.when(configuration.getFirstProperty(APIConstants.GATEWAY_RESOURCE_CACHE_ENABLED)).thenReturn("true");
return configuration;
}
@Override
protected Cache getCache(String cacheManagerName, String cacheName, long modifiedExp, long accessExp) {
return Mockito.mock(Cache.class);
}
@Override
protected ArrayList<URITemplate> getAllURITemplates(MessageContext messageContext, String context, String apiVersion) throws APISecurityException {
return urlTemplates;
}
@Override
protected APIKeyValidationInfoDTO doGetKeyValidationInfo(String context, String apiVersion, String apiKey, String authenticationScheme, String matchingResource, String httpVerb, String tenantDomain, List<String> keyManagers) throws APISecurityException {
APIKeyValidationInfoDTO apiKeyValidationInfoDTO = Mockito.mock(APIKeyValidationInfoDTO.class);
Mockito.when(apiKeyValidationInfoDTO.getApiName()).thenReturn(apiKey);
return apiKeyValidationInfoDTO;
}
};
}
Aggregations