
Example 1 with TokenHandlingDto

use of org.wso2.carbon.apimgt.impl.dto.TokenHandlingDto in project carbon-apimgt by wso2.

the class AbstractKeyManager method canHandleToken.

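/**
 * Decides whether this key manager is a candidate for handling the given access token.
 *
 * <p>The decision is driven by the {@code TOKEN_FORMAT_STRING} configuration parameter, a JSON
 * array of {@link TokenHandlingDto} entries. When the parameter is absent, empty, or decodes to
 * no handlers, every token is accepted. Otherwise the first enabled handler that matches wins.
 *
 * <p>Security note: this is a routing check only. {@code SignedJWT.parse} decodes the token
 * without verifying its signature, so the claims inspected here are still attacker-controlled.
 * A {@code true} result must never be treated as proof that the token is valid.
 *
 * <p>The regular expressions come from key manager configuration and are applied with
 * {@code find()} (unanchored) to caller-supplied input. Configured patterns should be anchored
 * and free of catastrophic backtracking.
 *
 * @param accessToken the raw token presented by the caller
 * @return {@code true} if no handlers are configured or an enabled handler matches the token
 * @throws APIManagementException declared by the overridden contract
 */
@Override
public boolean canHandleToken(String accessToken) throws APIManagementException {
    Object tokenHandlingScript = configuration.getParameter(APIConstants.KeyManager.TOKEN_FORMAT_STRING);
    if (tokenHandlingScript == null || StringUtils.isEmpty((String) tokenHandlingScript)) {
        return true;
    }
    TokenHandlingDto[] tokenHandlers = new Gson().fromJson((String) tokenHandlingScript, TokenHandlingDto[].class);
    // Gson yields null for a blank or literal "null" document; treat it like an empty handler list
    // instead of failing with a NullPointerException.
    if (tokenHandlers == null || tokenHandlers.length == 0) {
        return true;
    }
    for (TokenHandlingDto tokenHandler : tokenHandlers) {
        // A JSON array may contain null elements; skip them together with disabled handlers.
        if (tokenHandler == null || !Boolean.TRUE.equals(tokenHandler.getEnable())) {
            continue;
        }
        boolean canHandle = false;
        if (TokenHandlingDto.TypeEnum.REFERENCE.equals(tokenHandler.getType())) {
            canHandle = matchesReferencePattern(tokenHandler.getValue(), accessToken);
        } else if (TokenHandlingDto.TypeEnum.JWT.equals(tokenHandler.getType())
                && accessToken.contains(APIConstants.DOT)) {
            canHandle = matchesJwtBodyClaims(tokenHandler.getValue(), accessToken);
        }
        if (canHandle) {
            return true;
        }
    }
    return false;
}

/** Returns true when the configured value is a non-empty regex string found in the token. */
private boolean matchesReferencePattern(Object configuredPattern, String accessToken) {
    // The handler value is deserialized as Object; anything but a String (for example a JSON
    // object or number) cannot be a regex, so it is a non-match rather than a ClassCastException.
    if (!(configuredPattern instanceof String) || StringUtils.isEmpty((String) configuredPattern)) {
        return false;
    }
    return Pattern.compile((String) configuredPattern).matcher(accessToken).find();
}

/** Returns true when every configured JWT body claim pattern is found in the matching claim. */
private boolean matchesJwtBodyClaims(Object validationConfig, String accessToken) {
    if (!(validationConfig instanceof Map)) {
        return false;
    }
    try {
        // Decodes only; the signature is NOT verified here.
        JWTClaimsSet jwtClaimsSet = SignedJWT.parse(accessToken).getJWTClaimsSet();
        Object bodyRules = ((Map<?, ?>) validationConfig).get(APIConstants.KeyManager.VALIDATION_ENTRY_JWT_BODY);
        if (!(bodyRules instanceof Map) || ((Map<?, ?>) bodyRules).isEmpty()) {
            return false;
        }
        for (Map.Entry<?, ?> rule : ((Map<?, ?>) bodyRules).entrySet()) {
            Object claimValue = jwtClaimsSet.getClaim(String.valueOf(rule.getKey()));
            // Claims such as "aud" or "exp" are not Strings; they are treated as a mismatch
            // instead of being cast blindly. A missing claim is a mismatch as well.
            if (!(claimValue instanceof String) || !(rule.getValue() instanceof String)) {
                return false;
            }
            // Every rule has to match. Previously each rule overwrote the result of the one
            // before it, so only the last configured claim decided the outcome.
            if (!Pattern.compile((String) rule.getValue()).matcher((String) claimValue).find()) {
                return false;
            }
        }
        return true;
    } catch (java.text.ParseException e) {
        // The token itself is deliberately kept out of the log message.
        log.warn("Error while parsing Token", e);
        return false;
    }
}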
Also used : Pattern(java.util.regex.Pattern) Matcher(java.util.regex.Matcher) TokenHandlingDto(org.wso2.carbon.apimgt.impl.dto.TokenHandlingDto) Gson(com.google.gson.Gson) SignedJWT(com.nimbusds.jwt.SignedJWT) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) JsonObject(com.google.gson.JsonObject) JSONObject(org.json.simple.JSONObject) ParseException(org.json.simple.parser.ParseException) Map(java.util.Map)

Example 2 with TokenHandlingDto

use of org.wso2.carbon.apimgt.impl.dto.TokenHandlingDto in project carbon-apimgt by wso2.

the class KeyMgtRegistrationService method registerDefaultKeyManager.

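/**
 * Registers the default key manager for an organization if none is stored yet.
 *
 * <p>The new configuration is enabled, uses the {@code DIRECT} token type and carries a single
 * {@code REFERENCE} token handler whose pattern is {@code APIConstants.KeyManager.UUID_REGEX}.
 *
 * <p>The lookup and the insert are guarded by a per-organization lock. The lock only serializes
 * callers inside this JVM; NOTE(review): in a clustered deployment a uniqueness constraint in
 * the data store is presumably still needed as a backstop, so confirm that one exists.
 *
 * @param organization the organization to register the default key manager for
 * @throws APIManagementException if reading or storing the configuration fails
 */
public static void registerDefaultKeyManager(String organization) throws APIManagementException {
    // String.concat returns a new String on every call, so locking on its result directly gives
    // each caller its own monitor and no mutual exclusion. Interning produces one canonical
    // instance per organization, which makes the check-then-insert below atomic in this JVM.
    String lockKey = KeyMgtRegistrationService.class.getName().concat(organization).intern();
    synchronized (lockKey) {
        ApiMgtDAO instance = ApiMgtDAO.getInstance();
        if (instance.getKeyManagerConfigurationByName(organization, APIConstants.KeyManager.DEFAULT_KEY_MANAGER) != null) {
            return;
        }
        KeyManagerConfigurationDTO keyManagerConfigurationDTO = new KeyManagerConfigurationDTO();
        keyManagerConfigurationDTO.setName(APIConstants.KeyManager.DEFAULT_KEY_MANAGER);
        keyManagerConfigurationDTO.setEnabled(true);
        keyManagerConfigurationDTO.setUuid(UUID.randomUUID().toString());
        keyManagerConfigurationDTO.setOrganization(organization);
        keyManagerConfigurationDTO.setDescription(APIConstants.KeyManager.DEFAULT_KEY_MANAGER_DESCRIPTION);
        keyManagerConfigurationDTO.setTokenType(KeyManagerConfiguration.TokenType.DIRECT.toString());

        // Start from the built-in type so the stored configuration always has one, even when
        // the configuration service is unavailable. Previously the type stayed unset then.
        String keyManagerType = APIConstants.KeyManager.DEFAULT_KEY_MANAGER_TYPE;
        APIManagerConfigurationService apiManagerConfigurationService =
                ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService();
        if (apiManagerConfigurationService != null
                && apiManagerConfigurationService.getAPIManagerConfiguration() != null) {
            String configuredType = apiManagerConfigurationService.getAPIManagerConfiguration()
                    .getFirstProperty(APIConstants.DEFAULT_KEY_MANAGER_TYPE);
            if (StringUtils.isNotEmpty(configuredType)) {
                keyManagerType = configuredType;
            }
        }
        keyManagerConfigurationDTO.setType(keyManagerType);

        // The default handler routes reference tokens that match the UUID pattern.
        TokenHandlingDto tokenHandlingDto = new TokenHandlingDto();
        tokenHandlingDto.setEnable(true);
        tokenHandlingDto.setType(TokenHandlingDto.TypeEnum.REFERENCE);
        tokenHandlingDto.setValue(APIConstants.KeyManager.UUID_REGEX);
        keyManagerConfigurationDTO.addProperty(APIConstants.KeyManager.TOKEN_FORMAT_STRING,
                new Gson().toJson(Arrays.asList(tokenHandlingDto)));
        instance.addKeyManagerConfiguration(keyManagerConfigurationDTO);
    }
}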
Also used : KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) APIManagerConfigurationService(org.wso2.carbon.apimgt.impl.APIManagerConfigurationService) TokenHandlingDto(org.wso2.carbon.apimgt.impl.dto.TokenHandlingDto) Gson(com.google.gson.Gson) ApiMgtDAO(org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO)

Aggregations

Gson (com.google.gson.Gson)2 TokenHandlingDto (org.wso2.carbon.apimgt.impl.dto.TokenHandlingDto)2 JsonObject (com.google.gson.JsonObject)1 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)1 SignedJWT (com.nimbusds.jwt.SignedJWT)1 Map (java.util.Map)1 Matcher (java.util.regex.Matcher)1 Pattern (java.util.regex.Pattern)1 JSONObject (org.json.simple.JSONObject)1 ParseException (org.json.simple.parser.ParseException)1 KeyManagerConfigurationDTO (org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO)1 APIManagerConfigurationService (org.wso2.carbon.apimgt.impl.APIManagerConfigurationService)1 ApiMgtDAO (org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO)1