Example 11 with SubscriptionDataStore
use of org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore in project carbon-apimgt by wso2.
the class SubscriptionDataHolder method unregisterTenantSubscriptionStore.
public void unregisterTenantSubscriptionStore(String tenantDomain) {
SubscriptionDataStore subscriptionDataStore = subscriptionStore.get(tenantDomain);
if (subscriptionDataStore != null) {
subscriptionDataStore.destroy();
}
subscriptionStore.remove(tenantDomain);
}
Also used :
SubscriptionDataStore(org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore)
Example 12 with SubscriptionDataStore
use of org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore in project carbon-apimgt by wso2.
the class SubscriptionDataHolder method registerTenantSubscriptionStore.
public SubscriptionDataStore registerTenantSubscriptionStore(String tenantDomain) {
SubscriptionDataStore tenantStore = subscriptionStore.get(tenantDomain);
if (tenantStore == null) {
tenantStore = new SubscriptionDataStoreImpl(tenantDomain);
}
subscriptionStore.put(tenantDomain, tenantStore);
return tenantStore;
}
Also used :
SubscriptionDataStore(org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore)
SubscriptionDataStoreImpl(org.wso2.carbon.apimgt.keymgt.model.impl.SubscriptionDataStoreImpl)
Example 13 with SubscriptionDataStore
use of org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore in project carbon-apimgt by wso2.
the class AbstractKeyValidationHandler method validateSubscriptionDetails.
private APIKeyValidationInfoDTO validateSubscriptionDetails(APIKeyValidationInfoDTO infoDTO, String context, String version, int appId, boolean defaultVersionInvoked) {
String apiTenantDomain = MultitenantUtils.getTenantDomainFromRequestURL(context);
if (apiTenantDomain == null) {
apiTenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
}
int tenantId = APIUtil.getTenantIdFromTenantDomain(apiTenantDomain);
API api = null;
Subscription sub = null;
Application app = null;
SubscriptionDataStore datastore = SubscriptionDataHolder.getInstance().getTenantSubscriptionStore(apiTenantDomain);
// TODO add a check to see whether datastore is initialized an load data using rest api if it is not loaded
if (datastore != null) {
app = datastore.getApplicationById(appId);
api = datastore.getApiByContextAndVersion(context, version);
if (api == null && APIConstants.DEFAULT_WEBSOCKET_VERSION.equals(version)) {
// for websocket default version.
api = datastore.getDefaultApiByContext(context);
}
if (api != null) {
sub = datastore.getSubscriptionById(appId, api.getApiId());
if (sub != null) {
if (log.isDebugEnabled()) {
log.debug("All information is retrieved from the inmemory data store.");
}
} else {
if (log.isDebugEnabled()) {
log.debug("Valid subscription not found for appId " + appId + " and apiId " + api.getApiId());
}
}
} else {
if (log.isDebugEnabled()) {
log.debug("API not found in the datastore for " + context + ":" + version);
}
}
} else {
log.error("Subscription datastore is not initialized for tenant domain " + apiTenantDomain);
}
if (api != null && sub != null) {
validate(infoDTO, apiTenantDomain, tenantId, datastore, api, app, sub);
} else if (!infoDTO.isAuthorized() && infoDTO.getValidationStatus() == 0) {
// Scenario where validation failed and message is not set
infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.API_AUTH_RESOURCE_FORBIDDEN);
} else {
infoDTO.setAuthorized(false);
infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.API_AUTH_RESOURCE_FORBIDDEN);
}
return infoDTO;
}
Also used :
API(org.wso2.carbon.apimgt.keymgt.model.entity.API)
SubscriptionDataStore(org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore)
Subscription(org.wso2.carbon.apimgt.keymgt.model.entity.Subscription)
Application(org.wso2.carbon.apimgt.keymgt.model.entity.Application)
Example 14 with SubscriptionDataStore
use of org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore in project carbon-apimgt by wso2.
the class AbstractKeyValidationHandler method validate.
private APIKeyValidationInfoDTO validate(APIKeyValidationInfoDTO infoDTO, String apiTenantDomain, int tenantId, SubscriptionDataStore datastore, API api, ApplicationKeyMapping key, Application app, Subscription sub, String keyManager) {
String subscriptionStatus = sub.getSubscriptionState();
String type = key.getKeyType();
if (APIConstants.SubscriptionStatus.BLOCKED.equals(subscriptionStatus)) {
infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.API_BLOCKED);
infoDTO.setAuthorized(false);
return infoDTO;
} else if (APIConstants.SubscriptionStatus.ON_HOLD.equals(subscriptionStatus) || APIConstants.SubscriptionStatus.REJECTED.equals(subscriptionStatus)) {
infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.SUBSCRIPTION_INACTIVE);
infoDTO.setAuthorized(false);
return infoDTO;
} else if (APIConstants.SubscriptionStatus.PROD_ONLY_BLOCKED.equals(subscriptionStatus) && !APIConstants.API_KEY_TYPE_SANDBOX.equals(type)) {
infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.API_BLOCKED);
infoDTO.setType(type);
infoDTO.setAuthorized(false);
return infoDTO;
}
infoDTO.setTier(sub.getPolicyId());
infoDTO.setSubscriber(app.getSubName());
infoDTO.setApplicationId(app.getId().toString());
infoDTO.setApiName(api.getApiName());
infoDTO.setApiVersion(api.getApiVersion());
infoDTO.setApiPublisher(api.getApiProvider());
infoDTO.setApplicationName(app.getName());
infoDTO.setApplicationTier(app.getPolicy());
infoDTO.setApplicationUUID(app.getUUID());
infoDTO.setAppAttributes(app.getAttributes());
infoDTO.setType(type);
// Advanced Level Throttling Related Properties
String apiTier = api.getApiTier();
String subscriberTenant = MultitenantUtils.getTenantDomain(app.getSubName());
ApplicationPolicy appPolicy = datastore.getApplicationPolicyByName(app.getPolicy(), APIUtil.getTenantIdFromTenantDomain(app.getOrganization()));
if (appPolicy == null) {
try {
appPolicy = new SubscriptionDataLoaderImpl().getApplicationPolicy(app.getPolicy(), app.getOrganization());
datastore.addOrUpdateApplicationPolicy(appPolicy);
} catch (DataLoadingException e) {
log.error("Error while loading ApplicationPolicy");
}
}
SubscriptionPolicy subPolicy = datastore.getSubscriptionPolicyByName(sub.getPolicyId(), tenantId);
if (subPolicy == null) {
try {
subPolicy = new SubscriptionDataLoaderImpl().getSubscriptionPolicy(sub.getPolicyId(), apiTenantDomain);
datastore.addOrUpdateSubscriptionPolicy(subPolicy);
} catch (DataLoadingException e) {
log.error("Error while loading SubscriptionPolicy");
}
}
ApiPolicy apiPolicy = datastore.getApiPolicyByName(api.getApiTier(), tenantId);
boolean isContentAware = false;
if (appPolicy.isContentAware() || subPolicy.isContentAware() || (apiPolicy != null && apiPolicy.isContentAware())) {
isContentAware = true;
}
infoDTO.setContentAware(isContentAware);
// TODO this must implement as a part of throttling implementation.
int spikeArrest = 0;
String apiLevelThrottlingKey = "api_level_throttling_key";
if (subPolicy.getRateLimitCount() > 0) {
spikeArrest = subPolicy.getRateLimitCount();
}
String spikeArrestUnit = null;
if (subPolicy.getRateLimitTimeUnit() != null) {
spikeArrestUnit = subPolicy.getRateLimitTimeUnit();
}
boolean stopOnQuotaReach = subPolicy.isStopOnQuotaReach();
int graphQLMaxDepth = 0;
if (subPolicy.getGraphQLMaxDepth() > 0) {
graphQLMaxDepth = subPolicy.getGraphQLMaxDepth();
}
int graphQLMaxComplexity = 0;
if (subPolicy.getGraphQLMaxComplexity() > 0) {
graphQLMaxComplexity = subPolicy.getGraphQLMaxComplexity();
}
List<String> list = new ArrayList<String>();
list.add(apiLevelThrottlingKey);
infoDTO.setSpikeArrestLimit(spikeArrest);
infoDTO.setSpikeArrestUnit(spikeArrestUnit);
infoDTO.setStopOnQuotaReach(stopOnQuotaReach);
infoDTO.setSubscriberTenantDomain(subscriberTenant);
infoDTO.setGraphQLMaxDepth(graphQLMaxDepth);
infoDTO.setGraphQLMaxComplexity(graphQLMaxComplexity);
if (apiTier != null && apiTier.trim().length() > 0) {
infoDTO.setApiTier(apiTier);
}
// We also need to set throttling data list associated with given API. This need to have
// policy id and
// condition id list for all throttling tiers associated with this API.
infoDTO.setThrottlingDataList(list);
infoDTO.setAuthorized(true);
return infoDTO;
}
Also used :
SubscriptionDataLoaderImpl(org.wso2.carbon.apimgt.keymgt.model.impl.SubscriptionDataLoaderImpl)
DataLoadingException(org.wso2.carbon.apimgt.keymgt.model.exception.DataLoadingException)
SubscriptionPolicy(org.wso2.carbon.apimgt.keymgt.model.entity.SubscriptionPolicy)
ApplicationPolicy(org.wso2.carbon.apimgt.keymgt.model.entity.ApplicationPolicy)
ApiPolicy(org.wso2.carbon.apimgt.keymgt.model.entity.ApiPolicy)
ArrayList(java.util.ArrayList)
Example 15 with SubscriptionDataStore
use of org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore in project carbon-apimgt by wso2.
the class DefaultKeyValidationHandler method validateScopes.
@Override
public boolean validateScopes(TokenValidationContext validationContext) throws APIKeyMgtException {
if (validationContext.isCacheHit()) {
return true;
}
APIKeyValidationInfoDTO apiKeyValidationInfoDTO = validationContext.getValidationInfoDTO();
if (apiKeyValidationInfoDTO == null) {
throw new APIKeyMgtException("Key Validation information not set");
}
String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
String httpVerb = validationContext.getHttpVerb();
String[] scopes;
Set<String> scopesSet = apiKeyValidationInfoDTO.getScopes();
StringBuilder scopeList = new StringBuilder();
if (scopesSet != null && !scopesSet.isEmpty()) {
scopes = scopesSet.toArray(new String[scopesSet.size()]);
if (log.isDebugEnabled() && scopes != null) {
for (String scope : scopes) {
scopeList.append(scope);
scopeList.append(",");
}
scopeList.deleteCharAt(scopeList.length() - 1);
log.debug("Scopes allowed for token : " + validationContext.getAccessToken() + " : " + scopeList.toString());
}
}
String resourceList = validationContext.getMatchingResource();
List<String> resourceArray;
if ((APIConstants.GRAPHQL_QUERY.equalsIgnoreCase(validationContext.getHttpVerb())) || (APIConstants.GRAPHQL_MUTATION.equalsIgnoreCase(validationContext.getHttpVerb())) || (APIConstants.GRAPHQL_SUBSCRIPTION.equalsIgnoreCase(validationContext.getHttpVerb()))) {
resourceArray = new ArrayList<>(Arrays.asList(resourceList.split(",")));
} else {
resourceArray = new ArrayList<>(Arrays.asList(resourceList));
}
String actualVersion = validationContext.getVersion();
// Check if the api version has been prefixed with _default_
if (actualVersion != null && actualVersion.startsWith(APIConstants.DEFAULT_VERSION_PREFIX)) {
// Remove the prefix from the version.
actualVersion = actualVersion.split(APIConstants.DEFAULT_VERSION_PREFIX)[1];
}
SubscriptionDataStore tenantSubscriptionStore = SubscriptionDataHolder.getInstance().getTenantSubscriptionStore(tenantDomain);
API api = tenantSubscriptionStore.getApiByContextAndVersion(validationContext.getContext(), actualVersion);
boolean scopesValidated = false;
if (api != null) {
for (String resource : resourceArray) {
List<URLMapping> resources = api.getResources();
URLMapping urlMapping = null;
for (URLMapping mapping : resources) {
if (Objects.equals(mapping.getHttpMethod(), httpVerb) || "WS".equalsIgnoreCase(api.getApiType())) {
if (isResourcePathMatching(resource, mapping)) {
urlMapping = mapping;
break;
}
}
}
if (urlMapping != null) {
if (urlMapping.getScopes().size() == 0) {
scopesValidated = true;
continue;
}
List<String> mappingScopes = urlMapping.getScopes();
boolean validate = false;
for (String scope : mappingScopes) {
if (scopesSet.contains(scope)) {
scopesValidated = true;
validate = true;
break;
}
}
if (!validate && urlMapping.getScopes().size() > 0) {
scopesValidated = false;
break;
}
}
}
}
if (!scopesValidated) {
apiKeyValidationInfoDTO.setAuthorized(false);
apiKeyValidationInfoDTO.setValidationStatus(APIConstants.KeyValidationStatus.INVALID_SCOPE);
}
return scopesValidated;
}
Also used :
SubscriptionDataStore(org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore)
APIKeyMgtException(org.wso2.carbon.apimgt.keymgt.APIKeyMgtException)
URLMapping(org.wso2.carbon.apimgt.api.model.subscription.URLMapping)
API(org.wso2.carbon.apimgt.keymgt.model.entity.API)
APIKeyValidationInfoDTO(org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO)
Aggregations
SubscriptionDataStore (org.wso2.carbon.apimgt.keymgt.model.SubscriptionDataStore)43
API (org.wso2.carbon.apimgt.keymgt.model.entity.API)14
SubscriptionDataHolder (org.wso2.carbon.apimgt.keymgt.SubscriptionDataHolder)9
Test (org.junit.Test)8
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)8
ArrayList (java.util.ArrayList)7
Application (org.wso2.carbon.apimgt.keymgt.model.entity.Application)6
Subscription (org.wso2.carbon.apimgt.keymgt.model.entity.Subscription)5
SubscriptionDataLoaderImpl (org.wso2.carbon.apimgt.keymgt.model.impl.SubscriptionDataLoaderImpl)5
MessageContext (org.apache.synapse.MessageContext)4
DataLoadingException (org.wso2.carbon.apimgt.keymgt.model.exception.DataLoadingException)4
ErrorDTO (org.wso2.carbon.apimgt.rest.api.gateway.dto.ErrorDTO)4
ApiPolicy (org.wso2.carbon.apimgt.keymgt.model.entity.ApiPolicy)3
APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)2
URLMapping (org.wso2.carbon.apimgt.api.model.subscription.URLMapping)2
API (org.wso2.carbon.apimgt.common.analytics.publishers.dto.API)2
DeployAPIInGatewayEvent (org.wso2.carbon.apimgt.impl.notifier.events.DeployAPIInGatewayEvent)2
ApplicationPolicy (org.wso2.carbon.apimgt.keymgt.model.entity.ApplicationPolicy)2
Scope (org.wso2.carbon.apimgt.keymgt.model.entity.Scope)2
SubscriptionPolicy (org.wso2.carbon.apimgt.keymgt.model.entity.SubscriptionPolicy)2
