Search in sources :

Example 1 with Environment

use of org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.environmentspecificproperty.Environment in project carbon-apimgt by wso2.

the class AuthenticatorService method getTokens.

/**
 * This method returns the access tokens for a given application.
 *
 * @param appName           Name of the application which needs to get tokens
 * @param grantType         Grant type of the application
 * @param userName          User name of the user
 * @param password          Password of the user
 * @param refreshToken      Refresh token
 * @param validityPeriod    Validity period of tokens
 * @param authorizationCode Authorization Code
 * @return AccessTokenInfo - An object with the generated access token information
 * @throws APIManagementException When receiving access tokens fails
 */
public AccessTokenInfo getTokens(String appName, String grantType, String userName, String password, String refreshToken, long validityPeriod, String authorizationCode, String assertion, IdentityProvider identityProvider) throws APIManagementException {
    AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
    AccessTokenRequest accessTokenRequest = new AccessTokenRequest();
    MultiEnvironmentOverview multiEnvironmentOverviewConfigs = apimConfigurationService.getEnvironmentConfigurations().getMultiEnvironmentOverview();
    boolean isMultiEnvironmentOverviewEnabled = multiEnvironmentOverviewConfigs.isEnabled();
    // Get scopes of the application
    String scopes = getApplicationScopes(appName);
    log.debug("Set scopes for {} application using swagger definition.", appName);
    // TODO: Get Consumer Key & Secret without creating a new app, from the IS side
    Map<String, String> consumerKeySecretMap = getConsumerKeySecret(appName);
    log.debug("Received consumer key & secret for {} application.", appName);
    try {
        if (KeyManagerConstants.AUTHORIZATION_CODE_GRANT_TYPE.equals(grantType)) {
            // Access token for authorization code grant type
            APIMAppConfigurations appConfigs = apimAppConfigurationService.getApimAppConfigurations();
            String callBackURL = appConfigs.getApimBaseUrl() + AuthenticatorConstants.AUTHORIZATION_CODE_CALLBACK_URL + appName;
            if (authorizationCode != null) {
                // Get Access & Refresh Tokens
                accessTokenRequest.setClientId(consumerKeySecretMap.get("CONSUMER_KEY"));
                accessTokenRequest.setClientSecret(consumerKeySecretMap.get("CONSUMER_SECRET"));
                accessTokenRequest.setGrantType(grantType);
                accessTokenRequest.setAuthorizationCode(authorizationCode);
                accessTokenRequest.setScopes(scopes);
                accessTokenRequest.setValidityPeriod(validityPeriod);
                accessTokenRequest.setCallbackURI(callBackURL);
                accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
            } else {
                String errorMsg = "No Authorization Code available.";
                log.error(errorMsg, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
                throw new APIManagementException(errorMsg, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
            }
        } else if (KeyManagerConstants.PASSWORD_GRANT_TYPE.equals(grantType)) {
            // Access token for password code grant type
            accessTokenRequest = AuthUtil.createAccessTokenRequest(userName, password, grantType, refreshToken, null, validityPeriod, scopes, consumerKeySecretMap.get("CONSUMER_KEY"), consumerKeySecretMap.get("CONSUMER_SECRET"));
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
        } else if (KeyManagerConstants.REFRESH_GRANT_TYPE.equals(grantType)) {
            accessTokenRequest = AuthUtil.createAccessTokenRequest(userName, password, grantType, refreshToken, null, validityPeriod, scopes, consumerKeySecretMap.get("CONSUMER_KEY"), consumerKeySecretMap.get("CONSUMER_SECRET"));
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
        } else if (isMultiEnvironmentOverviewEnabled) {
            // JWT or Custom grant type
            accessTokenRequest.setClientId(consumerKeySecretMap.get("CONSUMER_KEY"));
            accessTokenRequest.setClientSecret(consumerKeySecretMap.get("CONSUMER_SECRET"));
            accessTokenRequest.setAssertion(assertion);
            // Pass grant type to extend a custom grant instead of JWT grant in the future
            accessTokenRequest.setGrantType(KeyManagerConstants.JWT_GRANT_TYPE);
            accessTokenRequest.setScopes(scopes);
            accessTokenRequest.setValidityPeriod(validityPeriod);
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
            String usernameFromJWT = getUsernameFromJWT(accessTokenInfo.getIdToken());
            try {
                identityProvider.getIdOfUser(usernameFromJWT);
            } catch (IdentityProviderException e) {
                String errorMsg = "User " + usernameFromJWT + " does not exists in this environment.";
                throw new APIManagementException(errorMsg, e, ExceptionCodes.USER_NOT_AUTHENTICATED);
            }
        }
    } catch (KeyManagementException e) {
        String errorMsg = "Error while receiving tokens for OAuth application : " + appName;
        log.error(errorMsg, e, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
        throw new APIManagementException(errorMsg, e, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
    }
    log.debug("Received access token for {} application.", appName);
    return accessTokenInfo;
}
Also used : AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo) APIManagementException(org.wso2.carbon.apimgt.core.exception.APIManagementException) APIMAppConfigurations(org.wso2.carbon.apimgt.rest.api.authenticator.configuration.models.APIMAppConfigurations) AccessTokenRequest(org.wso2.carbon.apimgt.core.models.AccessTokenRequest) MultiEnvironmentOverview(org.wso2.carbon.apimgt.core.configuration.models.MultiEnvironmentOverview) IdentityProviderException(org.wso2.carbon.apimgt.core.exception.IdentityProviderException) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException)

Example 2 with Environment

use of org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.environmentspecificproperty.Environment in project carbon-apimgt by wso2.

the class ConfigurationsAPI method environments.

/**
 * Get environment configurations from deployment.yaml and returns the list of environments
 *
 * @return Response List of environments: {"environments":[
 * {"host":"localhost:9292","loginTokenPath":"/login/token","label":"Development"},
 * {"host":"localhost:9293","loginTokenPath":"/login/token","label":"Production"}
 * ]}
 */
@GET
@Path("/environments")
@Produces(MediaType.APPLICATION_JSON)
public Response environments() {
    APIMUIConfigurations apimUIConfigurations = ConfigurationService.getInstance().getApimUIConfigurations();
    EnvironmentConfigBean environmentConfigBean = new EnvironmentConfigBean();
    environmentConfigBean.setEnvironments(apimUIConfigurations.getEnvironments());
    return Response.ok(environmentConfigBean, MediaType.APPLICATION_JSON).build();
}
Also used : EnvironmentConfigBean(org.wso2.carbon.apimgt.rest.api.configurations.utils.bean.EnvironmentConfigBean) APIMUIConfigurations(org.wso2.carbon.apimgt.rest.api.configurations.models.APIMUIConfigurations) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 3 with Environment

use of org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.environmentspecificproperty.Environment in project wso2-synapse by wso2.

the class JmxAdapter method createContextMap.

/**
 * Creates an environment context map containing the configuration used to start the
 * server connector.
 *
 * @return an environment context map containing the configuration used to start the server
 *         connector
 */
private Map<String, Object> createContextMap() {
    Map<String, Object> env = new HashMap<String, Object>();
    if (jmxInformation.isAuthenticate()) {
        if (jmxInformation.getRemotePasswordFile() != null) {
            env.put("jmx.remote.x.password.file", jmxInformation.getRemotePasswordFile());
        } else {
            SecretInformation secretInformation = jmxInformation.getSecretInformation();
            // Get the global secret resolver
            // TODO This should be properly implemented if JMX adapter is going to use out side synapse
            PasswordManager pwManager = PasswordManager.getInstance();
            if (pwManager.isInitialized()) {
                secretInformation.setGlobalSecretResolver(pwManager.getSecretResolver());
            }
            env.put(JMXConnectorServer.AUTHENTICATOR, new JmxSecretAuthenticator(jmxInformation.getSecretInformation()));
        }
        if (jmxInformation.getRemoteAccessFile() != null) {
            env.put("jmx.remote.x.access.file", jmxInformation.getRemoteAccessFile());
        }
    } else {
        log.warn("Using unsecured JMX remote access!");
    }
    if (jmxInformation.isRemoteSSL()) {
        log.info("Activated SSL communication");
        env.put("jmx.remote.rmi.client.socket.factory", new SslRMIClientSocketFactory());
        env.put("jmx.remote.rmi.server.socket.factory", new SslRMIServerSocketFactory());
    }
    return env;
}
Also used : SslRMIClientSocketFactory(javax.rmi.ssl.SslRMIClientSocketFactory) SecretInformation(org.wso2.securevault.secret.SecretInformation) HashMap(java.util.HashMap) PasswordManager(org.wso2.securevault.PasswordManager) JmxSecretAuthenticator(org.apache.synapse.commons.jmx.JmxSecretAuthenticator) SslRMIServerSocketFactory(javax.rmi.ssl.SslRMIServerSocketFactory)

Example 4 with Environment

use of org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.environmentspecificproperty.Environment in project airavata by apache.

the class Wso2IdentityServerClient method getAdminServiceClient.

public static RemoteUserStoreManagerServiceStub getAdminServiceClient(String adminUserName, String adminPassword, String adminService) {
    /**
     * trust store path.  this must contains server's  certificate or Server's CA chain
     */
    /* The below code snippet is intentionally commented for the build to pass,
         * because the private key and certificate file are not committed to GitHub,
         * which are needed to run the client */
    // String trustStore = System.getProperty("user.dir") + File.separator +
    // "modules" + File.separator + "user-profile-migration" + File.separator +
    // "src" + File.separator + "main" + File.separator +
    // "resources" + File.separator + "wso2carbon.jks";
    // System.out.println("file path : " + trustStore);
    /**
     * Call to https://localhost:9443/services/   uses HTTPS protocol.
     * Therefore we to validate the server certificate or CA chain. The server certificate is looked up in the
     * trust store.
     * Following code sets what trust-store to look for and its JKs password.
     */
    // System.setProperty("javax.net.ssl.trustStore",  trustStore );
    // System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
    // idp.scigap.org:9443 certificate has expired, so the following disables checking the certificate
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }

        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
    } };
    try {
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        SSLContext.setDefault(sc);
    } catch (KeyManagementException e) {
        throw new RuntimeException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(e);
    }
    /**
     * Axis2 configuration context
     */
    ConfigurationContext configContext;
    RemoteUserStoreManagerServiceStub adminStub;
    try {
        /**
         * Create a configuration context. A configuration context contains information for
         * axis2 environment. This is needed to create an axis2 service client
         */
        configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(null, null);
        /**
         * end point url with service name
         */
        // String serviceEndPoint = SEVER_URL + "RemoteUserStoreManagerService";
        String serviceEndPoint = SEVER_URL + adminService;
        /**
         * create stub and service client
         */
        adminStub = new RemoteUserStoreManagerServiceStub(configContext, serviceEndPoint);
        ServiceClient client = adminStub._getServiceClient();
        Options option = client.getOptions();
        /**
         * Setting a authenticated cookie that is received from Carbon server.
         * If you have authenticated with Carbon server earlier, you can use that cookie, if
         * it has not been expired
         */
        option.setProperty(HTTPConstants.COOKIE_STRING, null);
        /**
         * Setting basic auth headers for authentication for carbon server
         */
        HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
        auth.setUsername(adminUserName);
        auth.setPassword(adminPassword);
        auth.setPreemptiveAuthentication(true);
        option.setProperty(HTTPConstants.AUTHENTICATE, auth);
        option.setManageSession(true);
        return adminStub;
    } catch (Exception e) {
        e.printStackTrace();
    }
    return null;
}
Also used : ConfigurationContext(org.apache.axis2.context.ConfigurationContext) Options(org.apache.axis2.client.Options) HttpTransportProperties(org.apache.axis2.transport.http.HttpTransportProperties) RemoteUserStoreManagerServiceStub(org.wso2.carbon.um.ws.api.stub.RemoteUserStoreManagerServiceStub) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyManagementException(java.security.KeyManagementException) KeyManagementException(java.security.KeyManagementException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) ServiceClient(org.apache.axis2.client.ServiceClient)

Example 5 with Environment

use of org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.environmentspecificproperty.Environment in project ballerina by ballerina-lang.

the class SemanticAnalyzer method visit.

@Override
public void visit(BLangForkJoin forkJoin) {
    SymbolEnv forkJoinEnv = SymbolEnv.createFolkJoinEnv(forkJoin, this.env);
    forkJoin.workers.forEach(e -> this.symbolEnter.defineNode(e, forkJoinEnv));
    forkJoin.workers.forEach(e -> this.analyzeDef(e, forkJoinEnv));
    if (!this.isJoinResultType(forkJoin.joinResultVar)) {
        this.dlog.error(forkJoin.joinResultVar.pos, DiagnosticCode.INVALID_WORKER_JOIN_RESULT_TYPE);
    }
    /* create code black and environment for join result section, i.e. (map results) */
    BLangBlockStmt joinResultsBlock = this.generateCodeBlock(this.createVarDef(forkJoin.joinResultVar));
    SymbolEnv joinResultsEnv = SymbolEnv.createBlockEnv(joinResultsBlock, this.env);
    this.analyzeNode(joinResultsBlock, joinResultsEnv);
    /* create an environment for the join body, making the enclosing environment the earlier
         * join result's environment */
    SymbolEnv joinBodyEnv = SymbolEnv.createBlockEnv(forkJoin.joinedBody, joinResultsEnv);
    this.analyzeNode(forkJoin.joinedBody, joinBodyEnv);
    if (forkJoin.timeoutExpression != null) {
        if (!this.isJoinResultType(forkJoin.timeoutVariable)) {
            this.dlog.error(forkJoin.timeoutVariable.pos, DiagnosticCode.INVALID_WORKER_TIMEOUT_RESULT_TYPE);
        }
        /* create code black and environment for timeout section */
        BLangBlockStmt timeoutVarBlock = this.generateCodeBlock(this.createVarDef(forkJoin.timeoutVariable));
        SymbolEnv timeoutVarEnv = SymbolEnv.createBlockEnv(timeoutVarBlock, this.env);
        this.typeChecker.checkExpr(forkJoin.timeoutExpression, timeoutVarEnv, Arrays.asList(symTable.intType));
        this.analyzeNode(timeoutVarBlock, timeoutVarEnv);
        /* create an environment for the timeout body, making the enclosing environment the earlier
             * timeout var's environment */
        SymbolEnv timeoutBodyEnv = SymbolEnv.createBlockEnv(forkJoin.timeoutBody, timeoutVarEnv);
        this.analyzeNode(forkJoin.timeoutBody, timeoutBodyEnv);
    }
    this.validateJoinWorkerList(forkJoin, forkJoinEnv);
}
Also used : BLangBlockStmt(org.wso2.ballerinalang.compiler.tree.statements.BLangBlockStmt) SymbolEnv(org.wso2.ballerinalang.compiler.semantics.model.SymbolEnv)

Aggregations

Environment (org.wso2.carbon.apimgt.api.model.Environment)67 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)53 ArrayList (java.util.ArrayList)35 HashMap (java.util.HashMap)25 API (org.wso2.carbon.apimgt.api.model.API)22 IOException (java.io.IOException)19 APIRevisionDeployment (org.wso2.carbon.apimgt.api.model.APIRevisionDeployment)19 Map (java.util.Map)15 APIProvider (org.wso2.carbon.apimgt.api.APIProvider)13 APIIdentifier (org.wso2.carbon.apimgt.api.model.APIIdentifier)12 JsonObject (com.google.gson.JsonObject)10 PreparedStatement (java.sql.PreparedStatement)10 SQLException (java.sql.SQLException)10 HashSet (java.util.HashSet)10 APIConsumer (org.wso2.carbon.apimgt.api.APIConsumer)10 SolaceAdminApis (org.wso2.carbon.apimgt.solace.SolaceAdminApis)10 Gson (com.google.gson.Gson)9 JSONObject (org.json.simple.JSONObject)9 Test (org.junit.Test)9 SubscribedAPI (org.wso2.carbon.apimgt.api.model.SubscribedAPI)9