Search in sources :

Example 71 with Subscription

use of org.wso2.carbon.apimgt.keymgt.model.entity.Subscription in project carbon-apimgt by wso2.

the class SubscriptionCreationApprovalWorkflowExecutor method cleanUpPendingTask.

/**
 * Handle cleanup task for subscription creation Approval workflow executor.
 * Use workflow external reference  to delete the pending workflow request
 *
 * @param workflowExtRef Workflow external reference of pending workflow request
 */
@Override
public void cleanUpPendingTask(String workflowExtRef) throws WorkflowException {
    String errorMsg = null;
    super.cleanUpPendingTask(workflowExtRef);
    if (log.isDebugEnabled()) {
        log.debug("Starting cleanup task for SubscriptionCreationApprovalWorkflowExecutor for :" + workflowExtRef);
    }
    try {
        ApiMgtDAO apiMgtDAO = ApiMgtDAO.getInstance();
        apiMgtDAO.deleteWorkflowRequest(workflowExtRef);
    } catch (APIManagementException axisFault) {
        errorMsg = "Error sending out cancel pending subscription approval process message. cause: " + axisFault.getMessage();
        throw new WorkflowException(errorMsg, axisFault);
    }
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) ApiMgtDAO(org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO)

Example 72 with Subscription

use of org.wso2.carbon.apimgt.keymgt.model.entity.Subscription in project carbon-apimgt by wso2.

the class SubscriptionCreationWSWorkflowExecutor method complete.

@Override
public WorkflowResponse complete(WorkflowDTO workflowDTO) throws WorkflowException {
    workflowDTO.setUpdatedTime(System.currentTimeMillis());
    super.complete(workflowDTO);
    log.info("Subscription Creation [Complete] Workflow Invoked. Workflow ID : " + workflowDTO.getExternalWorkflowReference() + "Workflow State : " + workflowDTO.getStatus());
    if (WorkflowStatus.APPROVED.equals(workflowDTO.getStatus())) {
        ApiMgtDAO apiMgtDAO = ApiMgtDAO.getInstance();
        try {
            apiMgtDAO.updateSubscriptionStatus(Integer.parseInt(workflowDTO.getWorkflowReference()), APIConstants.SubscriptionStatus.UNBLOCKED);
        } catch (APIManagementException e) {
            log.error("Could not complete subscription creation workflow", e);
            throw new WorkflowException("Could not complete subscription creation workflow", e);
        }
    } else if (WorkflowStatus.REJECTED.equals(workflowDTO.getStatus())) {
        ApiMgtDAO apiMgtDAO = ApiMgtDAO.getInstance();
        try {
            apiMgtDAO.updateSubscriptionStatus(Integer.parseInt(workflowDTO.getWorkflowReference()), APIConstants.SubscriptionStatus.REJECTED);
        } catch (APIManagementException e) {
            log.error("Could not complete subscription creation workflow", e);
            throw new WorkflowException("Could not complete subscription creation workflow", e);
        }
    }
    return new GeneralWorkflowResponse();
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) ApiMgtDAO(org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO)

Example 73 with Subscription

use of org.wso2.carbon.apimgt.keymgt.model.entity.Subscription in project carbon-apimgt by wso2.

the class SubscriptionUpdateApprovalWorkflowExecutor method complete.

/**
 * Complete the Approval workflow executor for Subscription creation.
 *
 * @param workflowDTO
 */
@Override
public WorkflowResponse complete(WorkflowDTO workflowDTO) throws WorkflowException {
    workflowDTO.setUpdatedTime(System.currentTimeMillis());
    super.complete(workflowDTO);
    if (log.isDebugEnabled()) {
        String logMessage = "Subscription Update [Complete] Workflow Invoked. Workflow ID : " + workflowDTO.getExternalWorkflowReference() + " Workflow State : " + workflowDTO.getStatus();
        log.debug(logMessage);
    }
    SubscriptionWorkflowDTO subscriptionWorkflowDTO = (SubscriptionWorkflowDTO) workflowDTO;
    if (WorkflowStatus.APPROVED.equals(workflowDTO.getStatus())) {
        ApiMgtDAO apiMgtDAO = ApiMgtDAO.getInstance();
        try {
            apiMgtDAO.updateSubscriptionStatusAndTier(Integer.parseInt(subscriptionWorkflowDTO.getWorkflowReference()), APIConstants.SubscriptionStatus.UNBLOCKED);
        } catch (APIManagementException e) {
            log.error("Could not complete subscription update workflow", e);
            throw new WorkflowException("Could not complete subscription update workflow", e);
        }
    } else if (WorkflowStatus.REJECTED.equals(workflowDTO.getStatus())) {
        ApiMgtDAO apiMgtDAO = ApiMgtDAO.getInstance();
        try {
            apiMgtDAO.updateSubscriptionStatus(Integer.parseInt(subscriptionWorkflowDTO.getWorkflowReference()), APIConstants.SubscriptionStatus.UNBLOCKED);
        } catch (APIManagementException e) {
            log.error("Could not complete subscription update workflow", e);
            throw new WorkflowException("Could not complete subscription update workflow", e);
        }
    }
    return new GeneralWorkflowResponse();
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) SubscriptionWorkflowDTO(org.wso2.carbon.apimgt.impl.dto.SubscriptionWorkflowDTO) ApiMgtDAO(org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO)

Example 74 with Subscription

use of org.wso2.carbon.apimgt.keymgt.model.entity.Subscription in project carbon-apimgt by wso2.

the class SubscriptionUpdateWSWorkflowExecutor method complete.

@Override
public WorkflowResponse complete(WorkflowDTO workflowDTO) throws WorkflowException {
    workflowDTO.setUpdatedTime(System.currentTimeMillis());
    super.complete(workflowDTO);
    log.info("Subscription Update [Complete] Workflow Invoked. Workflow ID : " + workflowDTO.getExternalWorkflowReference() + "Workflow State : " + workflowDTO.getStatus());
    if (WorkflowStatus.APPROVED.equals(workflowDTO.getStatus())) {
        ApiMgtDAO apiMgtDAO = ApiMgtDAO.getInstance();
        try {
            apiMgtDAO.updateSubscriptionStatus(Integer.parseInt(workflowDTO.getWorkflowReference()), APIConstants.SubscriptionStatus.UNBLOCKED);
        } catch (APIManagementException e) {
            log.error("Could not complete subscription update workflow", e);
            throw new WorkflowException("Could not complete subscription update workflow", e);
        }
    } else if (WorkflowStatus.REJECTED.equals(workflowDTO.getStatus())) {
        ApiMgtDAO apiMgtDAO = ApiMgtDAO.getInstance();
        try {
            apiMgtDAO.updateSubscriptionStatus(Integer.parseInt(workflowDTO.getWorkflowReference()), APIConstants.SubscriptionStatus.REJECTED);
        } catch (APIManagementException e) {
            log.error("Could not complete subscription update workflow", e);
            throw new WorkflowException("Could not complete subscription update workflow", e);
        }
    }
    return new GeneralWorkflowResponse();
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) ApiMgtDAO(org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO)

Example 75 with Subscription

use of org.wso2.carbon.apimgt.keymgt.model.entity.Subscription in project carbon-apimgt by wso2.

the class GatewayUtils method validateAPISubscription.

/**
 * Validate whether the user is subscribed to the invoked API. If subscribed, return a JSON object containing
 * the API information.
 *
 * @param apiContext API context
 * @param apiVersion API version
 * @param payload    The payload of the JWT token
 * @return an JSON object containing subscribed API information retrieved from token payload.
 * If the subscription information is not found, return a null object.
 * @throws APISecurityException if the user is not subscribed to the API
 */
public static JSONObject validateAPISubscription(String apiContext, String apiVersion, JWTClaimsSet payload, String[] splitToken, boolean isOauth) throws APISecurityException {
    JSONObject api = null;
    APIKeyValidator apiKeyValidator = new APIKeyValidator();
    APIKeyValidationInfoDTO apiKeyValidationInfoDTO = null;
    boolean apiKeySubValidationEnabled = isAPIKeySubscriptionValidationEnabled();
    JSONObject application;
    int appId = 0;
    if (payload.getClaim(APIConstants.JwtTokenConstants.APPLICATION) != null) {
        application = (JSONObject) payload.getClaim(APIConstants.JwtTokenConstants.APPLICATION);
        appId = Integer.parseInt(application.getAsString(APIConstants.JwtTokenConstants.APPLICATION_ID));
    }
    // if the appId is equal to 0 then it's a internal key
    if (apiKeySubValidationEnabled && appId != 0) {
        apiKeyValidationInfoDTO = apiKeyValidator.validateSubscription(apiContext, apiVersion, appId, getTenantDomain());
    }
    if (payload.getClaim(APIConstants.JwtTokenConstants.SUBSCRIBED_APIS) != null) {
        // Subscription validation
        JSONArray subscribedAPIs = (JSONArray) payload.getClaim(APIConstants.JwtTokenConstants.SUBSCRIBED_APIS);
        for (Object subscribedAPI : subscribedAPIs) {
            JSONObject subscribedAPIsJSONObject = (JSONObject) subscribedAPI;
            if (apiContext.equals(subscribedAPIsJSONObject.getAsString(APIConstants.JwtTokenConstants.API_CONTEXT)) && apiVersion.equals(subscribedAPIsJSONObject.getAsString(APIConstants.JwtTokenConstants.API_VERSION))) {
                // check whether the subscription is authorized
                if (apiKeySubValidationEnabled && appId != 0) {
                    if (apiKeyValidationInfoDTO.isAuthorized()) {
                        api = subscribedAPIsJSONObject;
                        if (log.isDebugEnabled()) {
                            log.debug("User is subscribed to the API: " + apiContext + ", " + "version: " + apiVersion + ". Token: " + getMaskedToken(splitToken[0]));
                        }
                    }
                } else {
                    api = subscribedAPIsJSONObject;
                    if (log.isDebugEnabled()) {
                        log.debug("User is subscribed to the API: " + apiContext + ", " + "version: " + apiVersion + ". Token: " + getMaskedToken(splitToken[0]));
                    }
                }
                break;
            }
        }
        if (api == null) {
            if (log.isDebugEnabled()) {
                log.debug("User is not subscribed to access the API: " + apiContext + ", version: " + apiVersion + ". Token: " + getMaskedToken(splitToken[0]));
            }
            log.error("User is not subscribed to access the API.");
            throw new APISecurityException(APISecurityConstants.API_AUTH_FORBIDDEN, APISecurityConstants.API_AUTH_FORBIDDEN_MESSAGE);
        }
    } else {
        if (log.isDebugEnabled()) {
            log.debug("No subscription information found in the token.");
        }
        // we perform mandatory authentication for Api Keys
        if (!isOauth) {
            log.error("User is not subscribed to access the API.");
            throw new APISecurityException(APISecurityConstants.API_AUTH_FORBIDDEN, APISecurityConstants.API_AUTH_FORBIDDEN_MESSAGE);
        }
    }
    return api;
}
Also used : APISecurityException(org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException) JSONObject(net.minidev.json.JSONObject) APIKeyValidator(org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator) JSONArray(net.minidev.json.JSONArray) JSONObject(net.minidev.json.JSONObject) APIKeyValidationInfoDTO(org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO)

Aggregations

APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)79 ArrayList (java.util.ArrayList)69 Test (org.testng.annotations.Test)58 Subscription (org.wso2.carbon.apimgt.core.models.Subscription)58 Test (org.junit.Test)56 SQLException (java.sql.SQLException)55 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)51 Connection (java.sql.Connection)49 PreparedStatement (java.sql.PreparedStatement)48 ResultSet (java.sql.ResultSet)39 SubscriptionPolicy (org.wso2.carbon.apimgt.core.models.policy.SubscriptionPolicy)37 APIManagementException (org.wso2.carbon.apimgt.core.exception.APIManagementException)35 APISubscriptionDAO (org.wso2.carbon.apimgt.core.dao.APISubscriptionDAO)34 APIMgtDAOException (org.wso2.carbon.apimgt.core.exception.APIMgtDAOException)34 SubscribedAPI (org.wso2.carbon.apimgt.api.model.SubscribedAPI)31 Application (org.wso2.carbon.apimgt.core.models.Application)30 API (org.wso2.carbon.apimgt.core.models.API)28 Response (javax.ws.rs.core.Response)24 Application (org.wso2.carbon.apimgt.api.model.Application)22 APIPublisher (org.wso2.carbon.apimgt.core.api.APIPublisher)22