Search in sources :

Example 1 with ResourceInfoDTO

use of org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO in project carbon-apimgt by wso2.

the class APIKeyValidator method mapToAPIInfo.

private APIInfoDTO mapToAPIInfo(ArrayList<URITemplate> uriTemplates, String context, String apiVersion) {
    APIInfoDTO apiInfoDTO = new APIInfoDTO();
    apiInfoDTO.setApiName(context);
    apiInfoDTO.setContext(context);
    apiInfoDTO.setVersion(apiVersion);
    apiInfoDTO.setResources(new LinkedHashSet<ResourceInfoDTO>());
    ResourceInfoDTO resourceInfoDTO = null;
    VerbInfoDTO verbInfoDTO = null;
    // The following map is used to retrieve already created ResourceInfoDTO rather than iterating -
    // the resource Set in apiInfoDTO.
    LinkedHashMap<String, ResourceInfoDTO> resourcesMap = new LinkedHashMap<String, ResourceInfoDTO>();
    for (URITemplate uriTemplate : uriTemplates) {
        resourceInfoDTO = resourcesMap.get(uriTemplate.getUriTemplate());
        if (null == resourceInfoDTO) {
            resourceInfoDTO = new ResourceInfoDTO();
            resourceInfoDTO.setUrlPattern(uriTemplate.getUriTemplate());
            resourceInfoDTO.setHttpVerbs(new LinkedHashSet());
            apiInfoDTO.getResources().add(resourceInfoDTO);
            resourcesMap.put(uriTemplate.getUriTemplate(), resourceInfoDTO);
        }
        verbInfoDTO = new VerbInfoDTO();
        verbInfoDTO.setHttpVerb(uriTemplate.getHTTPVerb());
        verbInfoDTO.setAuthType(uriTemplate.getAuthType());
        verbInfoDTO.setThrottling(uriTemplate.getThrottlingTier());
        verbInfoDTO.setContentAware(uriTemplate.checkContentAwareFromThrottlingTiers());
        verbInfoDTO.setThrottlingConditions(uriTemplate.getThrottlingConditions());
        verbInfoDTO.setConditionGroups(uriTemplate.getConditionGroups());
        verbInfoDTO.setApplicableLevel(uriTemplate.getApplicableLevel());
        resourceInfoDTO.getHttpVerbs().add(verbInfoDTO);
    }
    return apiInfoDTO;
}
Also used : LinkedHashSet(java.util.LinkedHashSet) VerbInfoDTO(org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO) URITemplate(org.wso2.carbon.apimgt.api.model.URITemplate) APIInfoDTO(org.wso2.carbon.apimgt.impl.dto.APIInfoDTO) ResourceInfoDTO(org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO) LinkedHashMap(java.util.LinkedHashMap)

Example 2 with ResourceInfoDTO

use of org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO in project carbon-apimgt by wso2.

the class APIKeyValidator method getVerbInfoDTOFromAPIData.

/**
 * @param messageContext     The message context
 * @param context     API context of API
 * @param apiVersion  Version of API
 * @param requestPath Incoming request path
 * @param httpMethod  http method of request
 * @return verbInfoDTO which contains throttling tier for given resource and verb+resource key
 */
public VerbInfoDTO getVerbInfoDTOFromAPIData(MessageContext messageContext, String context, String apiVersion, String requestPath, String httpMethod) throws APISecurityException {
    String cacheKey = context + ':' + apiVersion;
    APIInfoDTO apiInfoDTO = null;
    if (isGatewayAPIResourceValidationEnabled) {
        apiInfoDTO = (APIInfoDTO) getResourceCache().get(cacheKey);
    }
    if (apiInfoDTO == null) {
        apiInfoDTO = doGetAPIInfo(messageContext, context, apiVersion);
        if (isGatewayAPIResourceValidationEnabled) {
            getResourceCache().put(cacheKey, apiInfoDTO);
        }
    }
    // Match the case where the direct api context is matched
    if ("/".equals(requestPath)) {
        String requestCacheKey = context + '/' + apiVersion + requestPath + ':' + httpMethod;
        // Get decision from cache.
        VerbInfoDTO matchingVerb = null;
        if (isGatewayAPIResourceValidationEnabled) {
            matchingVerb = (VerbInfoDTO) getResourceCache().get(requestCacheKey);
        }
        // On a cache hit
        if (matchingVerb != null) {
            matchingVerb.setRequestKey(requestCacheKey);
            return matchingVerb;
        } else {
            if (apiInfoDTO.getResources() != null) {
                for (ResourceInfoDTO resourceInfoDTO : apiInfoDTO.getResources()) {
                    String urlPattern = resourceInfoDTO.getUrlPattern();
                    // If the request patch is '/', it can only be matched with a resource whose url-context is '/*'
                    if ("/*".equals(urlPattern)) {
                        for (VerbInfoDTO verbDTO : resourceInfoDTO.getHttpVerbs()) {
                            if (verbDTO.getHttpVerb().equals(httpMethod)) {
                                // Store verb in cache
                                if (isGatewayAPIResourceValidationEnabled) {
                                    getResourceCache().put(requestCacheKey, verbDTO);
                                }
                                verbDTO.setRequestKey(requestCacheKey);
                                return verbDTO;
                            }
                        }
                    }
                }
            }
        }
    }
    // Remove the ending '/' from request
    requestPath = RESTUtils.trimTrailingSlashes(requestPath);
    while (requestPath.length() > 1) {
        String requestCacheKey = context + '/' + apiVersion + requestPath + ':' + httpMethod;
        // Get decision from cache.
        VerbInfoDTO matchingVerb = null;
        if (isGatewayAPIResourceValidationEnabled) {
            matchingVerb = (VerbInfoDTO) getResourceCache().get(requestCacheKey);
        }
        // On a cache hit
        if (matchingVerb != null) {
            matchingVerb.setRequestKey(requestCacheKey);
            return matchingVerb;
        } else // On a cache miss
        {
            for (ResourceInfoDTO resourceInfoDTO : apiInfoDTO.getResources()) {
                String urlPattern = resourceInfoDTO.getUrlPattern();
                if (urlPattern.endsWith("/*")) {
                    // Remove the ending '/*'
                    urlPattern = urlPattern.substring(0, urlPattern.length() - 2);
                }
                // If the urlPattern ends with a '/', remove that as well.
                urlPattern = RESTUtils.trimTrailingSlashes(urlPattern);
                if (requestPath.endsWith(urlPattern)) {
                    for (VerbInfoDTO verbDTO : resourceInfoDTO.getHttpVerbs()) {
                        if (verbDTO.getHttpVerb().equals(httpMethod)) {
                            // Store verb in cache
                            if (isGatewayAPIResourceValidationEnabled) {
                                getResourceCache().put(requestCacheKey, verbDTO);
                            }
                            verbDTO.setRequestKey(requestCacheKey);
                            return verbDTO;
                        }
                    }
                }
            }
        }
        // Remove the section after the last occurrence of the '/' character
        int index = requestPath.lastIndexOf('/');
        requestPath = requestPath.substring(0, index <= 0 ? 0 : index);
    }
    // nothing found. return the highest level of security
    return null;
}
Also used : VerbInfoDTO(org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO) APIInfoDTO(org.wso2.carbon.apimgt.impl.dto.APIInfoDTO) ResourceInfoDTO(org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO)

Example 3 with ResourceInfoDTO

use of org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO in project carbon-apimgt by wso2.

the class InboundWebsocketProcessorUtil method findMatchingVerb.

/**
 * Finds matching VerbInfoDTO for the subscription operation.
 *
 * @param operation             subscription operation name
 * @param inboundMessageContext InboundMessageContext
 * @return VerbInfoDTO
 */
public static VerbInfoDTO findMatchingVerb(String operation, InboundMessageContext inboundMessageContext) {
    String resourceCacheKey;
    VerbInfoDTO verbInfoDTO = null;
    if (inboundMessageContext.getResourcesMap() != null) {
        ResourceInfoDTO resourceInfoDTO = inboundMessageContext.getResourcesMap().get(operation);
        Set<VerbInfoDTO> verbDTOList = resourceInfoDTO.getHttpVerbs();
        for (VerbInfoDTO verb : verbDTOList) {
            if (verb.getHttpVerb().equals(GraphQLConstants.SubscriptionConstants.HTTP_METHOD_NAME)) {
                if (isResourcePathMatching(operation, resourceInfoDTO)) {
                    verbInfoDTO = verb;
                    resourceCacheKey = APIUtil.getResourceInfoDTOCacheKey(inboundMessageContext.getApiContext(), inboundMessageContext.getVersion(), operation, GraphQLConstants.SubscriptionConstants.HTTP_METHOD_NAME);
                    verb.setRequestKey(resourceCacheKey);
                    break;
                }
            }
        }
    }
    return verbInfoDTO;
}
Also used : VerbInfoDTO(org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO) ResourceInfoDTO(org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO)

Example 4 with ResourceInfoDTO

use of org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO in project carbon-apimgt by wso2.

the class HandshakeProcessor method setResourcesMapToContext.

/**
 * Set the resource map with VerbInfoDTOs to the context using URL mappings from the InboundMessageContext.
 *
 * @param inboundMessageContext InboundMessageContext
 */
private void setResourcesMapToContext(InboundMessageContext inboundMessageContext) {
    List<URLMapping> urlMappings = inboundMessageContext.getElectedAPI().getResources();
    Map<String, ResourceInfoDTO> resourcesMap = inboundMessageContext.getResourcesMap();
    ResourceInfoDTO resourceInfoDTO;
    VerbInfoDTO verbInfoDTO;
    for (URLMapping urlMapping : urlMappings) {
        resourceInfoDTO = resourcesMap.get(urlMapping.getUrlPattern());
        if (resourceInfoDTO == null) {
            resourceInfoDTO = new ResourceInfoDTO();
            resourceInfoDTO.setUrlPattern(urlMapping.getUrlPattern());
            resourceInfoDTO.setHttpVerbs(new LinkedHashSet<>());
            resourcesMap.put(urlMapping.getUrlPattern(), resourceInfoDTO);
        }
        verbInfoDTO = new VerbInfoDTO();
        verbInfoDTO.setHttpVerb(urlMapping.getHttpMethod());
        verbInfoDTO.setAuthType(urlMapping.getAuthScheme());
        verbInfoDTO.setThrottling(urlMapping.getThrottlingPolicy());
        resourceInfoDTO.getHttpVerbs().add(verbInfoDTO);
    }
}
Also used : URLMapping(org.wso2.carbon.apimgt.api.model.subscription.URLMapping) VerbInfoDTO(org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO) ResourceInfoDTO(org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO)

Example 5 with ResourceInfoDTO

use of org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO in project carbon-apimgt by wso2.

the class APIKeyValidator method findMatchingVerb.

public List<VerbInfoDTO> findMatchingVerb(MessageContext synCtx) throws ResourceNotFoundException, APISecurityException {
    List<VerbInfoDTO> verbInfoList = new ArrayList<>();
    String resourceCacheKey;
    String httpMethod = (String) ((Axis2MessageContext) synCtx).getAxis2MessageContext().getProperty(Constants.Configuration.HTTP_METHOD);
    String apiContext = (String) synCtx.getProperty(RESTConstants.REST_API_CONTEXT);
    String apiVersion = (String) synCtx.getProperty(RESTConstants.SYNAPSE_REST_API_VERSION);
    String fullRequestPath = (String) synCtx.getProperty(RESTConstants.REST_FULL_REQUEST_PATH);
    String electedResource = (String) synCtx.getProperty(APIConstants.API_ELECTED_RESOURCE);
    ArrayList<String> resourceArray = null;
    if (electedResource != null) {
        if (APIConstants.GRAPHQL_API.equalsIgnoreCase((String) synCtx.getProperty(APIConstants.API_TYPE))) {
            resourceArray = new ArrayList<>(Arrays.asList(electedResource.split(",")));
        } else {
            resourceArray = new ArrayList<>(Arrays.asList(electedResource));
        }
    }
    String requestPath = getRequestPath(synCtx, apiContext, apiVersion, fullRequestPath);
    if ("".equals(requestPath)) {
        requestPath = "/";
    }
    if (log.isDebugEnabled()) {
        log.debug("Setting REST_SUB_REQUEST_PATH in msg context: " + requestPath);
    }
    synCtx.setProperty(RESTConstants.REST_SUB_REQUEST_PATH, requestPath);
    // verb has been put into the cache.
    if (resourceArray != null) {
        for (String resourceString : resourceArray) {
            VerbInfoDTO verbInfo;
            if (isGatewayAPIResourceValidationEnabled) {
                String apiCacheKey = APIUtil.getAPIInfoDTOCacheKey(apiContext, apiVersion);
                if (!getResourceCache().containsKey(apiCacheKey)) {
                    break;
                }
                resourceCacheKey = APIUtil.getResourceInfoDTOCacheKey(apiContext, apiVersion, resourceString, httpMethod);
                verbInfo = (VerbInfoDTO) getResourceCache().get(resourceCacheKey);
                // Cache hit
                if (verbInfo != null) {
                    if (log.isDebugEnabled()) {
                        log.debug("Found resource in Cache for key: " + resourceCacheKey);
                    }
                    verbInfoList.add(verbInfo);
                } else {
                    if (log.isDebugEnabled()) {
                        log.debug("Resource not found in cache for key: " + resourceCacheKey);
                    }
                }
            }
        }
        if (resourceArray.size() == verbInfoList.size()) {
            return verbInfoList;
        }
    } else {
        API selectedApi = Utils.getSelectedAPI(synCtx);
        Resource selectedResource = null;
        String resourceString;
        if (selectedApi != null) {
            Resource[] selectedAPIResources = selectedApi.getResources();
            Set<Resource> acceptableResources = new LinkedHashSet<Resource>();
            for (Resource resource : selectedAPIResources) {
                // If the requesting method is OPTIONS or if the Resource contains the requesting method
                if (RESTConstants.METHOD_OPTIONS.equals(httpMethod) || (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod))) {
                    acceptableResources.add(resource);
                }
            }
            if (acceptableResources.size() > 0) {
                for (RESTDispatcher dispatcher : RESTUtils.getDispatchers()) {
                    Resource resource = dispatcher.findResource(synCtx, acceptableResources);
                    if (resource != null && Arrays.asList(resource.getMethods()).contains(httpMethod)) {
                        selectedResource = resource;
                        break;
                    }
                }
            }
        }
        if (selectedResource == null) {
            // No matching resource found.
            String msg = "Could not find matching resource for " + requestPath;
            log.error(msg);
            throw new ResourceNotFoundException(msg);
        }
        resourceString = selectedResource.getDispatcherHelper().getString();
        resourceCacheKey = APIUtil.getResourceInfoDTOCacheKey(apiContext, apiVersion, resourceString, httpMethod);
        if (log.isDebugEnabled()) {
            log.debug("Selected Resource: " + resourceString);
        }
        // Set the elected resource
        synCtx.setProperty(APIConstants.API_ELECTED_RESOURCE, resourceString);
        if (isGatewayAPIResourceValidationEnabled) {
            VerbInfoDTO verbInfo;
            verbInfo = (VerbInfoDTO) getResourceCache().get(resourceCacheKey);
            // Cache hit
            if (verbInfo != null) {
                if (log.isDebugEnabled()) {
                    log.debug("Got Resource from cache for key: " + resourceCacheKey);
                }
                verbInfoList.add(verbInfo);
                return verbInfoList;
            } else if (log.isDebugEnabled()) {
                log.debug("Cache miss for Resource for key: " + resourceCacheKey);
            }
        }
    }
    String apiCacheKey = APIUtil.getAPIInfoDTOCacheKey(apiContext, apiVersion);
    APIInfoDTO apiInfoDTO = null;
    if (isGatewayAPIResourceValidationEnabled) {
        apiInfoDTO = (APIInfoDTO) getResourceCache().get(apiCacheKey);
    }
    // Cache miss
    if (apiInfoDTO == null) {
        if (log.isDebugEnabled()) {
            log.debug("Could not find API object in cache for key: " + apiCacheKey);
        }
        String apiType = (String) synCtx.getProperty(APIMgtGatewayConstants.API_TYPE);
        if (APIConstants.ApiTypes.PRODUCT_API.name().equalsIgnoreCase(apiType)) {
            apiInfoDTO = doGetAPIProductInfo(synCtx, apiContext, apiVersion);
        } else {
            apiInfoDTO = doGetAPIInfo(synCtx, apiContext, apiVersion);
        }
        if (isGatewayAPIResourceValidationEnabled) {
            getResourceCache().put(apiCacheKey, apiInfoDTO);
        }
    }
    if (apiInfoDTO.getResources() != null) {
        for (ResourceInfoDTO resourceInfoDTO : apiInfoDTO.getResources()) {
            Set<VerbInfoDTO> verbDTOList = resourceInfoDTO.getHttpVerbs();
            for (VerbInfoDTO verb : verbDTOList) {
                if (verb.getHttpVerb().equals(httpMethod)) {
                    for (String resourceString : resourceArray) {
                        if (isResourcePathMatching(resourceString, resourceInfoDTO)) {
                            resourceCacheKey = APIUtil.getResourceInfoDTOCacheKey(apiContext, apiVersion, resourceString, httpMethod);
                            verb.setRequestKey(resourceCacheKey);
                            verbInfoList.add(verb);
                            if (isGatewayAPIResourceValidationEnabled) {
                                // Set cache key in the message c\ontext so that it can be used by the subsequent handlers.
                                if (log.isDebugEnabled()) {
                                    log.debug("Putting resource object in cache with key: " + resourceCacheKey);
                                }
                                getResourceCache().put(resourceCacheKey, verb);
                                synCtx.setProperty(APIConstants.API_RESOURCE_CACHE_KEY, resourceCacheKey);
                            }
                        }
                    }
                }
            }
        }
    }
    if (verbInfoList.size() == 0) {
        verbInfoList = null;
    }
    return verbInfoList;
}
Also used : LinkedHashSet(java.util.LinkedHashSet) ArrayList(java.util.ArrayList) Resource(org.apache.synapse.api.Resource) RESTDispatcher(org.apache.synapse.api.dispatch.RESTDispatcher) VerbInfoDTO(org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO) API(org.apache.synapse.api.API) APIInfoDTO(org.wso2.carbon.apimgt.impl.dto.APIInfoDTO) ResourceInfoDTO(org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO) Axis2MessageContext(org.apache.synapse.core.axis2.Axis2MessageContext)

Aggregations

ResourceInfoDTO (org.wso2.carbon.apimgt.impl.dto.ResourceInfoDTO)5 VerbInfoDTO (org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO)5 APIInfoDTO (org.wso2.carbon.apimgt.impl.dto.APIInfoDTO)3 LinkedHashSet (java.util.LinkedHashSet)2 ArrayList (java.util.ArrayList)1 LinkedHashMap (java.util.LinkedHashMap)1 API (org.apache.synapse.api.API)1 Resource (org.apache.synapse.api.Resource)1 RESTDispatcher (org.apache.synapse.api.dispatch.RESTDispatcher)1 Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext)1 URITemplate (org.wso2.carbon.apimgt.api.model.URITemplate)1 URLMapping (org.wso2.carbon.apimgt.api.model.subscription.URLMapping)1