use of org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutor in project carbon-apimgt by wso2.
the class APIStateChangeWSWorkflowExecutor method execute.
@Override
public WorkflowResponse execute(WorkflowDTO workflowDTO) throws WorkflowException {
if (log.isDebugEnabled()) {
log.debug("Executing API State change Workflow.");
log.debug("Execute workflowDTO " + workflowDTO.toString());
}
if (stateList != null) {
Map<String, List<String>> stateActionMap = getSelectedStatesToApprove();
APIStateWorkflowDTO apiStateWorkFlowDTO = (APIStateWorkflowDTO) workflowDTO;
if (stateActionMap.containsKey(apiStateWorkFlowDTO.getApiCurrentState().toUpperCase()) && stateActionMap.get(apiStateWorkFlowDTO.getApiCurrentState().toUpperCase()).contains(apiStateWorkFlowDTO.getApiLCAction())) {
// set the auth application related info. This will be used to call the callback service
setOAuthApplicationInfo(apiStateWorkFlowDTO);
// build request payload
String jsonPayload = buildPayloadForBPMNProcess(apiStateWorkFlowDTO);
if (log.isDebugEnabled()) {
log.debug("APIStateChange payload: " + jsonPayload);
}
if (serviceEndpoint == null) {
// set the bps endpoint from the global configurations
WorkflowProperties workflowProperties = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration().getWorkflowProperties();
serviceEndpoint = workflowProperties.getServerUrl();
}
URL serviceEndpointURL = new URL(serviceEndpoint);
HttpClient httpClient = APIUtil.getHttpClient(serviceEndpointURL.getPort(), serviceEndpointURL.getProtocol());
HttpPost httpPost = new HttpPost(serviceEndpoint + RUNTIME_INSTANCE_RESOURCE_PATH);
// Generate the basic auth header using provided user credentials
String authHeader = getBasicAuthHeader();
httpPost.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
StringEntity requestEntity = new StringEntity(jsonPayload, ContentType.APPLICATION_JSON);
httpPost.setEntity(requestEntity);
try {
HttpResponse response = httpClient.execute(httpPost);
if (response.getStatusLine().getStatusCode() != HttpStatus.SC_CREATED) {
String error = "Error while starting the process: " + response.getStatusLine().getStatusCode() + " " + response.getStatusLine().getReasonPhrase();
log.error(error);
throw new WorkflowException(error);
}
} catch (ClientProtocolException e) {
String errorMsg = "Error while creating the http client";
log.error(errorMsg, e);
throw new WorkflowException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Error while connecting to the BPMN process server from the WorkflowExecutor.";
log.error(errorMsg, e);
throw new WorkflowException(errorMsg, e);
} finally {
httpPost.reset();
}
super.execute(workflowDTO);
} else {
// For any other states, act as simpleworkflow executor.
workflowDTO.setStatus(WorkflowStatus.APPROVED);
// calling super.complete() instead of complete() to act as the simpleworkflow executor
super.complete(workflowDTO);
}
} else {
String msg = "State change list is not provided. Please check <stateList> element in ";
log.error(msg);
throw new WorkflowException(msg);
}
return new GeneralWorkflowResponse();
}
use of org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutor in project carbon-apimgt by wso2.
the class APIConsumerImpl method removeApplication.
/**
* Function to remove an Application from the API Store
*
* @param application - The Application Object that represents the Application
* @param username
* @throws APIManagementException
*/
@Override
public void removeApplication(Application application, String username) throws APIManagementException {
String uuid = application.getUUID();
Map<String, Pair<String, String>> consumerKeysOfApplication = null;
if (application.getId() == 0 && !StringUtils.isEmpty(uuid)) {
application = apiMgtDAO.getApplicationByUUID(uuid);
}
consumerKeysOfApplication = apiMgtDAO.getConsumerKeysForApplication(application.getId());
boolean isTenantFlowStarted = false;
int applicationId = application.getId();
boolean isCaseInsensitiveComparisons = Boolean.parseBoolean(getAPIManagerConfiguration().getFirstProperty(APIConstants.API_STORE_FORCE_CI_COMPARISIONS));
boolean isUserAppOwner;
if (isCaseInsensitiveComparisons) {
isUserAppOwner = application.getSubscriber().getName().equalsIgnoreCase(username);
} else {
isUserAppOwner = application.getSubscriber().getName().equals(username);
}
if (!isUserAppOwner) {
throw new APIManagementException("user: " + username + ", " + "attempted to remove application owned by: " + application.getSubscriber().getName());
}
try {
String workflowExtRef;
ApplicationWorkflowDTO workflowDTO;
if (tenantDomain != null && !MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
PrivilegedCarbonContext.startTenantFlow();
isTenantFlowStarted = true;
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
}
WorkflowExecutor createApplicationWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_CREATION);
WorkflowExecutor createSubscriptionWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_SUBSCRIPTION_CREATION);
WorkflowExecutor createProductionRegistrationWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_PRODUCTION);
WorkflowExecutor createSandboxRegistrationWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_SANDBOX);
WorkflowExecutor removeApplicationWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_DELETION);
workflowExtRef = apiMgtDAO.getExternalWorkflowReferenceByApplicationID(application.getId());
// in a normal flow workflowExtRef is null when workflows are not enabled
if (workflowExtRef == null) {
workflowDTO = new ApplicationWorkflowDTO();
} else {
workflowDTO = (ApplicationWorkflowDTO) apiMgtDAO.retrieveWorkflow(workflowExtRef);
}
workflowDTO.setApplication(application);
workflowDTO.setCallbackUrl(removeApplicationWFExecutor.getCallbackURL());
workflowDTO.setUserName(this.username);
workflowDTO.setTenantDomain(tenantDomain);
workflowDTO.setTenantId(tenantId);
// clean up pending subscription tasks
Set<Integer> pendingSubscriptions = apiMgtDAO.getPendingSubscriptionsByApplicationId(applicationId);
for (int subscription : pendingSubscriptions) {
try {
workflowExtRef = apiMgtDAO.getExternalWorkflowReferenceForSubscription(subscription);
createSubscriptionWFExecutor.cleanUpPendingTask(workflowExtRef);
} catch (APIManagementException ex) {
// failed cleanup processes are ignored to prevent failing the application removal process
log.warn("Failed to get external workflow reference for subscription " + subscription);
} catch (WorkflowException ex) {
// failed cleanup processes are ignored to prevent failing the application removal process
log.warn("Failed to clean pending subscription approval task: " + subscription);
}
}
// cleanup pending application registration tasks
Map<String, String> keyManagerWiseProductionKeyStatus = apiMgtDAO.getRegistrationApprovalState(applicationId, APIConstants.API_KEY_TYPE_PRODUCTION);
Map<String, String> keyManagerWiseSandboxKeyStatus = apiMgtDAO.getRegistrationApprovalState(applicationId, APIConstants.API_KEY_TYPE_SANDBOX);
keyManagerWiseProductionKeyStatus.forEach((keyManagerName, state) -> {
if (WorkflowStatus.CREATED.toString().equals(state)) {
try {
String applicationRegistrationExternalRef = apiMgtDAO.getRegistrationWFReference(applicationId, APIConstants.API_KEY_TYPE_PRODUCTION, keyManagerName);
createProductionRegistrationWFExecutor.cleanUpPendingTask(applicationRegistrationExternalRef);
} catch (APIManagementException ex) {
// failed cleanup processes are ignored to prevent failing the application removal process
log.warn("Failed to get external workflow reference for production key of application " + applicationId);
} catch (WorkflowException ex) {
// failed cleanup processes are ignored to prevent failing the application removal process
log.warn("Failed to clean pending production key approval task of " + applicationId);
}
}
});
keyManagerWiseSandboxKeyStatus.forEach((keyManagerName, state) -> {
if (WorkflowStatus.CREATED.toString().equals(state)) {
try {
String applicationRegistrationExternalRef = apiMgtDAO.getRegistrationWFReference(applicationId, APIConstants.API_KEY_TYPE_SANDBOX, keyManagerName);
createSandboxRegistrationWFExecutor.cleanUpPendingTask(applicationRegistrationExternalRef);
} catch (APIManagementException ex) {
// failed cleanup processes are ignored to prevent failing the application removal process
log.warn("Failed to get external workflow reference for sandbox key of application " + applicationId);
} catch (WorkflowException ex) {
// failed cleanup processes are ignored to prevent failing the application removal process
log.warn("Failed to clean pending sandbox key approval task of " + applicationId);
}
}
});
if (workflowExtRef != null) {
try {
createApplicationWFExecutor.cleanUpPendingTask(workflowExtRef);
} catch (WorkflowException ex) {
// failed cleanup processes are ignored to prevent failing the application removal process
log.warn("Failed to clean pending application approval task of " + applicationId);
}
}
// update attributes of the new remove workflow to be created
workflowDTO.setStatus(WorkflowStatus.CREATED);
workflowDTO.setCreatedTime(System.currentTimeMillis());
workflowDTO.setWorkflowType(WorkflowConstants.WF_TYPE_AM_APPLICATION_DELETION);
workflowDTO.setExternalWorkflowReference(removeApplicationWFExecutor.generateUUID());
removeApplicationWFExecutor.execute(workflowDTO);
JSONObject appLogObject = new JSONObject();
appLogObject.put(APIConstants.AuditLogConstants.NAME, application.getName());
appLogObject.put(APIConstants.AuditLogConstants.TIER, application.getTier());
appLogObject.put(APIConstants.AuditLogConstants.CALLBACK, application.getCallbackUrl());
appLogObject.put(APIConstants.AuditLogConstants.GROUPS, application.getGroupId());
appLogObject.put(APIConstants.AuditLogConstants.OWNER, application.getSubscriber().getName());
APIUtil.logAuditMessage(APIConstants.AuditLogConstants.APPLICATION, appLogObject.toString(), APIConstants.AuditLogConstants.DELETED, this.username);
} catch (WorkflowException e) {
String errorMsg = "Could not execute Workflow, " + WorkflowConstants.WF_TYPE_AM_APPLICATION_DELETION + " " + "for applicationID " + application.getId();
handleException(errorMsg, e);
} finally {
if (isTenantFlowStarted) {
endTenantFlow();
}
}
if (log.isDebugEnabled()) {
String logMessage = "Application Name: " + application.getName() + " successfully removed";
log.debug(logMessage);
}
// Extracting API details for the recommendation system
if (recommendationEnvironment != null) {
RecommenderEventPublisher extractor = new RecommenderDetailsExtractor(applicationId, username, requestedTenant);
Thread recommendationThread = new Thread(extractor);
recommendationThread.start();
}
// get the workflow state once the executor is executed.
WorkflowDTO wfDTO = apiMgtDAO.retrieveWorkflowFromInternalReference(Integer.toString(applicationId), WorkflowConstants.WF_TYPE_AM_APPLICATION_DELETION);
// wfDTO is null when simple wf executor is used because wf state is not stored in the db and is always approved.
if (wfDTO != null) {
if (WorkflowStatus.APPROVED.equals(wfDTO.getStatus()) || wfDTO.getStatus() == null) {
ApplicationEvent applicationEvent = new ApplicationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_DELETE.name(), tenantId, application.getOrganization(), applicationId, application.getUUID(), application.getName(), application.getTokenType(), application.getTier(), application.getGroupId(), Collections.EMPTY_MAP, username);
APIUtil.sendNotification(applicationEvent, APIConstants.NotifierType.APPLICATION.name());
}
} else {
ApplicationEvent applicationEvent = new ApplicationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_DELETE.name(), tenantId, application.getOrganization(), applicationId, application.getUUID(), application.getName(), application.getTokenType(), application.getTier(), application.getGroupId(), Collections.EMPTY_MAP, username);
APIUtil.sendNotification(applicationEvent, APIConstants.NotifierType.APPLICATION.name());
}
if (consumerKeysOfApplication != null && consumerKeysOfApplication.size() > 0) {
for (Map.Entry<String, Pair<String, String>> entry : consumerKeysOfApplication.entrySet()) {
String consumerKey = entry.getKey();
String keyManagerName = entry.getValue().getKey();
String keyManagerTenantDomain = entry.getValue().getValue();
ApplicationRegistrationEvent removeEntryTrigger = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.REMOVE_APPLICATION_KEYMAPPING.name(), APIUtil.getTenantIdFromTenantDomain(keyManagerTenantDomain), keyManagerTenantDomain, application.getId(), application.getUUID(), consumerKey, application.getKeyType(), keyManagerName);
APIUtil.sendNotification(removeEntryTrigger, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
}
}
}
use of org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutor in project carbon-apimgt by wso2.
the class APIConsumerImpl method addApplication.
/**
* Add a new Application from the store.
* @param application - {@link org.wso2.carbon.apimgt.api.model.Application}
* @param userId - {@link String}
* @param organization
* @return {@link String}
*/
@Override
public int addApplication(Application application, String userId, String organization) throws APIManagementException {
if (APIUtil.isOnPremResolver()) {
organization = tenantDomain;
}
if (application.getName() != null && (application.getName().length() != application.getName().trim().length())) {
handleApplicationNameContainSpacesException("Application name " + "cannot contain leading or trailing white spaces");
}
validateApplicationPolicy(application, organization);
JSONArray applicationAttributesFromConfig = getAppAttributesFromConfig(userId);
Map<String, String> applicationAttributes = application.getApplicationAttributes();
if (applicationAttributes == null) {
/*
* This empty Hashmap is set to avoid throwing a null pointer exception, in case no application attributes
* are set when creating an application
*/
applicationAttributes = new HashMap<String, String>();
}
Set<String> configAttributes = new HashSet<>();
if (applicationAttributesFromConfig != null) {
for (Object object : applicationAttributesFromConfig) {
JSONObject attribute = (JSONObject) object;
Boolean hidden = (Boolean) attribute.get(APIConstants.ApplicationAttributes.HIDDEN);
Boolean required = (Boolean) attribute.get(APIConstants.ApplicationAttributes.REQUIRED);
String attributeName = (String) attribute.get(APIConstants.ApplicationAttributes.ATTRIBUTE);
String defaultValue = (String) attribute.get(APIConstants.ApplicationAttributes.DEFAULT);
if (BooleanUtils.isTrue(hidden) && BooleanUtils.isTrue(required) && StringUtils.isEmpty(defaultValue)) {
/*
* In case a default value is not provided for a required hidden attribute, an exception is thrown,
* we don't do this validation in server startup to support multi tenancy scenarios
*/
handleException("Default value not provided for hidden required attribute. Please check the " + "configuration");
}
configAttributes.add(attributeName);
if (BooleanUtils.isTrue(required)) {
if (BooleanUtils.isTrue(hidden)) {
/*
* If a required hidden attribute is attempted to be populated, we replace it with
* the default value.
*/
String oldValue = applicationAttributes.put(attributeName, defaultValue);
if (StringUtils.isNotEmpty(oldValue)) {
log.info("Replaced provided value: " + oldValue + " with default the value" + " for the hidden application attribute: " + attributeName);
}
} else if (!applicationAttributes.keySet().contains(attributeName)) {
if (StringUtils.isNotEmpty(defaultValue)) {
/*
* If a required attribute is not provided and a default value is given, we replace it with
* the default value.
*/
applicationAttributes.put(attributeName, defaultValue);
log.info("Added default value: " + defaultValue + " as required attribute: " + attributeName + "is not provided");
} else {
/*
* If a required attribute is not provided but a default value not given, we throw a bad
* request exception.
*/
handleException("Bad Request. Required application attribute not provided");
}
}
} else if (BooleanUtils.isTrue(hidden)) {
/*
* If an optional hidden attribute is provided, we remove it and leave it blank, and leave it for
* an extension to populate it.
*/
applicationAttributes.remove(attributeName);
}
}
application.setApplicationAttributes(validateApplicationAttributes(applicationAttributes, configAttributes));
} else {
application.setApplicationAttributes(null);
}
application.setUUID(UUID.randomUUID().toString());
if (APIUtil.isApplicationExist(userId, application.getName(), application.getGroupId(), organization)) {
handleResourceAlreadyExistsException("A duplicate application already exists by the name - " + application.getName());
}
// check whether callback url is empty and set null
if (StringUtils.isBlank(application.getCallbackUrl())) {
application.setCallbackUrl(null);
}
int applicationId = apiMgtDAO.addApplication(application, userId, organization);
JSONObject appLogObject = new JSONObject();
appLogObject.put(APIConstants.AuditLogConstants.NAME, application.getName());
appLogObject.put(APIConstants.AuditLogConstants.TIER, application.getTier());
appLogObject.put(APIConstants.AuditLogConstants.CALLBACK, application.getCallbackUrl());
appLogObject.put(APIConstants.AuditLogConstants.GROUPS, application.getGroupId());
appLogObject.put(APIConstants.AuditLogConstants.OWNER, application.getSubscriber().getName());
APIUtil.logAuditMessage(APIConstants.AuditLogConstants.APPLICATION, appLogObject.toString(), APIConstants.AuditLogConstants.CREATED, this.username);
boolean isTenantFlowStarted = false;
if (tenantDomain != null && !MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
isTenantFlowStarted = startTenantFlowForTenantDomain(tenantDomain);
}
try {
WorkflowExecutor appCreationWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_CREATION);
ApplicationWorkflowDTO appWFDto = new ApplicationWorkflowDTO();
appWFDto.setApplication(application);
appWFDto.setExternalWorkflowReference(appCreationWFExecutor.generateUUID());
appWFDto.setWorkflowReference(String.valueOf(applicationId));
appWFDto.setWorkflowType(WorkflowConstants.WF_TYPE_AM_APPLICATION_CREATION);
appWFDto.setCallbackUrl(appCreationWFExecutor.getCallbackURL());
appWFDto.setStatus(WorkflowStatus.CREATED);
appWFDto.setTenantDomain(organization);
appWFDto.setTenantId(tenantId);
appWFDto.setUserName(userId);
appWFDto.setCreatedTime(System.currentTimeMillis());
appCreationWFExecutor.execute(appWFDto);
} catch (WorkflowException e) {
// If the workflow execution fails, roll back transaction by removing the application entry.
application.setId(applicationId);
apiMgtDAO.deleteApplication(application);
log.error("Unable to execute Application Creation Workflow", e);
handleException("Unable to execute Application Creation Workflow", e);
} finally {
if (isTenantFlowStarted) {
endTenantFlow();
}
}
if (log.isDebugEnabled()) {
log.debug("Application Name: " + application.getName() + " added successfully.");
}
// Extracting API details for the recommendation system
if (recommendationEnvironment != null) {
RecommenderEventPublisher extractor = new RecommenderDetailsExtractor(application, userId, applicationId, requestedTenant);
Thread recommendationThread = new Thread(extractor);
recommendationThread.start();
}
// get the workflow state once the executor is executed.
WorkflowDTO wfDTO = apiMgtDAO.retrieveWorkflowFromInternalReference(Integer.toString(applicationId), WorkflowConstants.WF_TYPE_AM_APPLICATION_CREATION);
// wfDTO is null when simple wf executor is used because wf state is not stored in the db and is always approved.
if (wfDTO != null) {
if (WorkflowStatus.APPROVED.equals(wfDTO.getStatus())) {
ApplicationEvent applicationEvent = new ApplicationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_CREATE.name(), tenantId, organization, applicationId, application.getUUID(), application.getName(), application.getTokenType(), application.getTier(), application.getGroupId(), application.getApplicationAttributes(), userId);
APIUtil.sendNotification(applicationEvent, APIConstants.NotifierType.APPLICATION.name());
}
} else {
ApplicationEvent applicationEvent = new ApplicationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_CREATE.name(), tenantId, organization, applicationId, application.getUUID(), application.getName(), application.getTokenType(), application.getTier(), application.getGroupId(), application.getApplicationAttributes(), userId);
APIUtil.sendNotification(applicationEvent, APIConstants.NotifierType.APPLICATION.name());
}
return applicationId;
}
use of org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutor in project carbon-apimgt by wso2.
the class APIConsumerImpl method requestApprovalForApplicationRegistration.
/**
* This method specifically implemented for REST API by removing application and data access logic
* from host object layer. So as per new implementation we need to pass requested scopes to this method
* as tokenScope. So we will do scope related other logic here in this method.
* So host object should only pass required 9 parameters.
*/
@Override
public Map<String, Object> requestApprovalForApplicationRegistration(String userId, Application application, String tokenType, String callbackUrl, String[] allowedDomains, String validityTime, String tokenScope, String jsonString, String keyManagerName, String tenantDomain, boolean isImportMode) throws APIManagementException {
boolean isTenantFlowStarted = false;
if (StringUtils.isEmpty(tenantDomain)) {
tenantDomain = MultitenantUtils.getTenantDomain(userId);
} else {
int tenantId = APIUtil.getInternalOrganizationId(tenantDomain);
// To handle choreo scenario.
if (tenantId == MultitenantConstants.SUPER_TENANT_ID) {
tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
}
}
String keyManagerId = null;
if (keyManagerName != null) {
KeyManagerConfigurationDTO keyManagerConfiguration = apiMgtDAO.getKeyManagerConfigurationByName(tenantDomain, keyManagerName);
if (keyManagerConfiguration == null) {
keyManagerConfiguration = apiMgtDAO.getKeyManagerConfigurationByUUID(keyManagerName);
if (keyManagerConfiguration != null) {
keyManagerId = keyManagerName;
keyManagerName = keyManagerConfiguration.getName();
}
} else {
keyManagerId = keyManagerConfiguration.getUuid();
}
if (keyManagerConfiguration == null || !keyManagerConfiguration.isEnabled()) {
throw new APIManagementException("Key Manager " + keyManagerName + " doesn't exist in Tenant " + tenantDomain, ExceptionCodes.KEY_MANAGER_NOT_REGISTERED);
}
if (KeyManagerConfiguration.TokenType.EXCHANGED.toString().equals(keyManagerConfiguration.getTokenType())) {
throw new APIManagementException("Key Manager " + keyManagerName + " doesn't support to generate" + " Client Application", ExceptionCodes.KEY_MANAGER_NOT_SUPPORT_OAUTH_APP_CREATION);
}
Object enableOauthAppCreation = keyManagerConfiguration.getProperty(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION);
if (enableOauthAppCreation != null && !(Boolean) enableOauthAppCreation) {
if (isImportMode) {
log.debug("Importing application when KM OAuth App creation is disabled. Trying to map keys");
// in the `jsonString` and ApplicationUtils#createOauthAppRequest logic handles it.
return mapExistingOAuthClient(jsonString, userId, null, application.getName(), tokenType, APIConstants.DEFAULT_TOKEN_TYPE, keyManagerName, tenantDomain);
} else {
throw new APIManagementException("Key Manager " + keyManagerName + " doesn't support to generate" + " Client Application", ExceptionCodes.KEY_MANAGER_NOT_SUPPORT_OAUTH_APP_CREATION);
}
}
}
try {
if (tenantDomain != null && !MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
isTenantFlowStarted = startTenantFlowForTenantDomain(tenantDomain);
}
// check if there are any existing key mappings set for the application and the key manager.
if (apiMgtDAO.isKeyMappingExistsForApplication(application.getId(), keyManagerName, keyManagerId, tokenType)) {
throw new APIManagementException("Key Mappings already exists for application " + application.getName(), ExceptionCodes.KEY_MAPPING_ALREADY_EXIST);
}
// initiate WorkflowExecutor
WorkflowExecutor appRegistrationWorkflow = null;
// initiate ApplicationRegistrationWorkflowDTO
ApplicationRegistrationWorkflowDTO appRegWFDto = null;
ApplicationKeysDTO appKeysDto = new ApplicationKeysDTO();
boolean isCaseInsensitiveComparisons = Boolean.parseBoolean(getAPIManagerConfiguration().getFirstProperty(APIConstants.API_STORE_FORCE_CI_COMPARISIONS));
boolean isUserAppOwner;
if (isCaseInsensitiveComparisons) {
isUserAppOwner = application.getSubscriber().getName().equalsIgnoreCase(userId);
} else {
isUserAppOwner = application.getSubscriber().getName().equals(userId);
}
if (!isUserAppOwner) {
throw new APIManagementException("user: " + application.getSubscriber().getName() + ", " + "attempted to generate tokens for application owned by: " + userId);
}
// if its a PRODUCTION application.
if (APIConstants.API_KEY_TYPE_PRODUCTION.equals(tokenType)) {
// initiate workflow type. By default simple work flow will be
// executed.
appRegistrationWorkflow = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_PRODUCTION);
appRegWFDto = (ApplicationRegistrationWorkflowDTO) WorkflowExecutorFactory.getInstance().createWorkflowDTO(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_PRODUCTION);
} else // if it is a sandBox application.
if (APIConstants.API_KEY_TYPE_SANDBOX.equals(tokenType)) {
// if its a SANDBOX application.
appRegistrationWorkflow = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_SANDBOX);
appRegWFDto = (ApplicationRegistrationWorkflowDTO) WorkflowExecutorFactory.getInstance().createWorkflowDTO(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_SANDBOX);
} else {
throw new APIManagementException("Invalid Token Type '" + tokenType + "' requested.");
}
// check whether callback url is empty and set null
if (StringUtils.isBlank(callbackUrl)) {
callbackUrl = null;
}
String applicationTokenType = application.getTokenType();
if (StringUtils.isEmpty(application.getTokenType())) {
applicationTokenType = APIConstants.DEFAULT_TOKEN_TYPE;
}
// Build key manager instance and create oAuthAppRequest by jsonString.
OAuthAppRequest request = ApplicationUtils.createOauthAppRequest(application.getName(), null, callbackUrl, tokenScope, jsonString, applicationTokenType, tenantDomain, keyManagerName);
request.getOAuthApplicationInfo().addParameter(ApplicationConstants.VALIDITY_PERIOD, validityTime);
request.getOAuthApplicationInfo().addParameter(ApplicationConstants.APP_KEY_TYPE, tokenType);
request.getOAuthApplicationInfo().addParameter(ApplicationConstants.APP_CALLBACK_URL, callbackUrl);
request.getOAuthApplicationInfo().setApplicationUUID(application.getUUID());
// Setting request values in WorkflowDTO - In future we should keep
// Application/OAuthApplication related
// information in the respective entities not in the workflowDTO.
appRegWFDto.setStatus(WorkflowStatus.CREATED);
appRegWFDto.setCreatedTime(System.currentTimeMillis());
appRegWFDto.setTenantDomain(tenantDomain);
appRegWFDto.setTenantId(tenantId);
appRegWFDto.setExternalWorkflowReference(appRegistrationWorkflow.generateUUID());
appRegWFDto.setWorkflowReference(appRegWFDto.getExternalWorkflowReference());
appRegWFDto.setApplication(application);
appRegWFDto.setKeyManager(keyManagerId);
request.setMappingId(appRegWFDto.getWorkflowReference());
if (!application.getSubscriber().getName().equals(userId)) {
appRegWFDto.setUserName(application.getSubscriber().getName());
} else {
appRegWFDto.setUserName(userId);
}
appRegWFDto.setCallbackUrl(appRegistrationWorkflow.getCallbackURL());
appRegWFDto.setAppInfoDTO(request);
appRegWFDto.setDomainList(allowedDomains);
appRegWFDto.setKeyDetails(appKeysDto);
appRegistrationWorkflow.execute(appRegWFDto);
Map<String, Object> keyDetails = new HashMap<String, Object>();
keyDetails.put(APIConstants.FrontEndParameterNames.KEY_STATE, appRegWFDto.getStatus().toString());
OAuthApplicationInfo applicationInfo = appRegWFDto.getApplicationInfo();
String keyMappingId = apiMgtDAO.getKeyMappingIdFromApplicationIdKeyTypeAndKeyManager(application.getId(), tokenType, keyManagerId);
keyDetails.put(APIConstants.FrontEndParameterNames.KEY_MAPPING_ID, keyMappingId);
if (applicationInfo != null) {
keyDetails.put(APIConstants.FrontEndParameterNames.CONSUMER_KEY, applicationInfo.getClientId());
keyDetails.put(APIConstants.FrontEndParameterNames.CONSUMER_SECRET, applicationInfo.getClientSecret());
keyDetails.put(ApplicationConstants.OAUTH_APP_DETAILS, applicationInfo.getJsonString());
keyDetails.put(APIConstants.FrontEndParameterNames.MODE, APIConstants.OAuthAppMode.CREATED.name());
}
// There can be instances where generating the Application Token is
// not required. In those cases,
// token info will have nothing.
AccessTokenInfo tokenInfo = appRegWFDto.getAccessTokenInfo();
if (tokenInfo != null) {
keyDetails.put("accessToken", tokenInfo.getAccessToken());
keyDetails.put("validityTime", tokenInfo.getValidityPeriod());
keyDetails.put("tokenDetails", tokenInfo.getJSONString());
keyDetails.put("tokenScope", tokenInfo.getScopes());
}
JSONObject appLogObject = new JSONObject();
appLogObject.put("Generated keys for application", application.getName());
APIUtil.logAuditMessage(APIConstants.AuditLogConstants.APPLICATION, appLogObject.toString(), APIConstants.AuditLogConstants.UPDATED, this.username);
// if its a PRODUCTION application.
if (APIConstants.API_KEY_TYPE_PRODUCTION.equals(tokenType)) {
// get the workflow state once the executor is executed.
WorkflowDTO wfDTO = apiMgtDAO.retrieveWorkflowFromInternalReference(appRegWFDto.getExternalWorkflowReference(), WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_PRODUCTION);
// wfDTO is null when simple wf executor is used because wf state is not stored in the db and is always approved.
if (wfDTO != null) {
if (WorkflowStatus.APPROVED.equals(wfDTO.getStatus())) {
ApplicationRegistrationEvent applicationRegistrationEvent = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_REGISTRATION_CREATE.name(), tenantId, tenantDomain, application.getId(), application.getUUID(), applicationInfo.getClientId(), tokenType, keyManagerName);
APIUtil.sendNotification(applicationRegistrationEvent, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
}
} else {
ApplicationRegistrationEvent applicationRegistrationEvent = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_REGISTRATION_CREATE.name(), tenantId, tenantDomain, application.getId(), application.getUUID(), applicationInfo.getClientId(), tokenType, keyManagerName);
APIUtil.sendNotification(applicationRegistrationEvent, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
}
} else if (APIConstants.API_KEY_TYPE_SANDBOX.equals(tokenType)) {
// get the workflow state once the executor is executed.
WorkflowDTO wfDTO = apiMgtDAO.retrieveWorkflowFromInternalReference(appRegWFDto.getExternalWorkflowReference(), WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_SANDBOX);
// wfDTO is null when simple wf executor is used because wf state is not stored in the db and is always approved.
if (wfDTO != null) {
if (WorkflowStatus.APPROVED.equals(wfDTO.getStatus())) {
ApplicationRegistrationEvent applicationRegistrationEvent = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_REGISTRATION_CREATE.name(), tenantId, tenantDomain, application.getId(), application.getUUID(), applicationInfo.getClientId(), tokenType, keyManagerName);
APIUtil.sendNotification(applicationRegistrationEvent, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
}
} else {
ApplicationRegistrationEvent applicationRegistrationEvent = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_REGISTRATION_CREATE.name(), tenantId, tenantDomain, application.getId(), application.getUUID(), applicationInfo.getClientId(), tokenType, keyManagerName);
APIUtil.sendNotification(applicationRegistrationEvent, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
}
}
return keyDetails;
} catch (WorkflowException e) {
log.error("Could not execute Workflow", e);
throw new APIManagementException(e);
} finally {
if (isTenantFlowStarted) {
endTenantFlow();
}
}
}
use of org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutor in project carbon-apimgt by wso2.
the class APIConsumerImpl method removeSubscription.
@Override
public void removeSubscription(Identifier identifier, String userId, int applicationId, String organization) throws APIManagementException {
APIIdentifier apiIdentifier = null;
APIProductIdentifier apiProdIdentifier = null;
if (identifier instanceof APIIdentifier) {
apiIdentifier = (APIIdentifier) identifier;
}
if (identifier instanceof APIProductIdentifier) {
apiProdIdentifier = (APIProductIdentifier) identifier;
}
String applicationName = apiMgtDAO.getApplicationNameFromId(applicationId);
try {
SubscriptionWorkflowDTO workflowDTO;
WorkflowExecutor createSubscriptionWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_SUBSCRIPTION_CREATION);
WorkflowExecutor removeSubscriptionWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_SUBSCRIPTION_DELETION);
String workflowExtRef = apiMgtDAO.getExternalWorkflowReferenceForSubscription(identifier, applicationId, organization);
// in a normal flow workflowExtRef is null when workflows are not enabled
if (workflowExtRef == null) {
workflowDTO = new SubscriptionWorkflowDTO();
} else {
workflowDTO = (SubscriptionWorkflowDTO) apiMgtDAO.retrieveWorkflow(workflowExtRef);
// set tiername to the workflowDTO only when workflows are enabled
SubscribedAPI subscription = apiMgtDAO.getSubscriptionById(Integer.parseInt(workflowDTO.getWorkflowReference()));
workflowDTO.setTierName(subscription.getTier().getName());
}
workflowDTO.setApiProvider(identifier.getProviderName());
API api = null;
APIProduct product = null;
String context = null;
ApiTypeWrapper wrapper;
if (apiIdentifier != null) {
// The API is retrieved without visibility permission check, since the subscribers should be allowed
// to delete already existing subscriptions made for restricted APIs
wrapper = getAPIorAPIProductByUUIDWithoutPermissionCheck(apiIdentifier.getUUID(), organization);
api = wrapper.getApi();
context = api.getContext();
} else if (apiProdIdentifier != null) {
// The API Product is retrieved without visibility permission check, since the subscribers should be
// allowe to delete already existing subscriptions made for restricted API Products
wrapper = getAPIorAPIProductByUUIDWithoutPermissionCheck(apiProdIdentifier.getUUID(), organization);
product = wrapper.getApiProduct();
context = product.getContext();
}
workflowDTO.setApiContext(context);
workflowDTO.setApiName(identifier.getName());
workflowDTO.setApiVersion(identifier.getVersion());
workflowDTO.setApplicationName(applicationName);
workflowDTO.setTenantDomain(tenantDomain);
workflowDTO.setTenantId(tenantId);
workflowDTO.setExternalWorkflowReference(workflowExtRef);
workflowDTO.setSubscriber(userId);
workflowDTO.setCallbackUrl(removeSubscriptionWFExecutor.getCallbackURL());
workflowDTO.setApplicationId(applicationId);
workflowDTO.setMetadata(WorkflowConstants.PayloadConstants.API_ID, String.valueOf(identifier.getId()));
String status = null;
if (apiIdentifier != null) {
status = apiMgtDAO.getSubscriptionStatus(apiIdentifier.getUUID(), applicationId);
} else if (apiProdIdentifier != null) {
status = apiMgtDAO.getSubscriptionStatus(apiProdIdentifier.getUUID(), applicationId);
}
if (APIConstants.SubscriptionStatus.ON_HOLD.equals(status)) {
try {
createSubscriptionWFExecutor.cleanUpPendingTask(workflowExtRef);
} catch (WorkflowException ex) {
// failed cleanup processes are ignored to prevent failing the deletion process
log.warn("Failed to clean pending subscription approval task");
}
}
// update attributes of the new remove workflow to be created
workflowDTO.setStatus(WorkflowStatus.CREATED);
workflowDTO.setWorkflowType(WorkflowConstants.WF_TYPE_AM_SUBSCRIPTION_DELETION);
workflowDTO.setCreatedTime(System.currentTimeMillis());
workflowDTO.setExternalWorkflowReference(removeSubscriptionWFExecutor.generateUUID());
Tier tier = null;
if (api != null) {
Set<Tier> policies = api.getAvailableTiers();
Iterator<Tier> iterator = policies.iterator();
boolean isPolicyAllowed = false;
while (iterator.hasNext()) {
Tier policy = iterator.next();
if (policy.getName() != null && (policy.getName()).equals(workflowDTO.getTierName())) {
tier = policy;
}
}
} else if (product != null) {
Set<Tier> policies = product.getAvailableTiers();
Iterator<Tier> iterator = policies.iterator();
boolean isPolicyAllowed = false;
while (iterator.hasNext()) {
Tier policy = iterator.next();
if (policy.getName() != null && (policy.getName()).equals(workflowDTO.getTierName())) {
tier = policy;
}
}
}
if (api != null) {
// check whether monetization is enabled for API and tier plan is commercial
if (api.getMonetizationStatus() && APIConstants.COMMERCIAL_TIER_PLAN.equals(tier.getTierPlan())) {
removeSubscriptionWFExecutor.deleteMonetizedSubscription(workflowDTO, api);
} else {
removeSubscriptionWFExecutor.execute(workflowDTO);
}
} else if (product != null) {
// check whether monetization is enabled for API product and tier plan is commercial
if (product.getMonetizationStatus() && APIConstants.COMMERCIAL_TIER_PLAN.equals(tier.getTierPlan())) {
removeSubscriptionWFExecutor.deleteMonetizedSubscription(workflowDTO, product);
} else {
removeSubscriptionWFExecutor.execute(workflowDTO);
}
}
JSONObject subsLogObject = new JSONObject();
subsLogObject.put(APIConstants.AuditLogConstants.API_NAME, identifier.getName());
subsLogObject.put(APIConstants.AuditLogConstants.PROVIDER, identifier.getProviderName());
subsLogObject.put(APIConstants.AuditLogConstants.APPLICATION_ID, applicationId);
subsLogObject.put(APIConstants.AuditLogConstants.APPLICATION_NAME, applicationName);
APIUtil.logAuditMessage(APIConstants.AuditLogConstants.SUBSCRIPTION, subsLogObject.toString(), APIConstants.AuditLogConstants.DELETED, this.username);
} catch (WorkflowException e) {
String errorMsg = "Could not execute Workflow, " + WorkflowConstants.WF_TYPE_AM_SUBSCRIPTION_DELETION + " for resource " + identifier.toString();
handleException(errorMsg, e);
}
if (log.isDebugEnabled()) {
String logMessage = "Subscription removed from app " + applicationName + " by " + userId + " For Id: " + identifier.toString();
log.debug(logMessage);
}
}
Aggregations