
Example 51 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method getKeyManagerConfigurationById.

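/**
 * Loads one Key Manager configuration for an organization and prepares it for return.
 *
 * <p>In order: looks the record up through the DAO; fills in the default Key Manager's
 * settings when the record is the default one; calls {@code maskValues} unless the token
 * type is {@code EXCHANGED}; merges the linked identity provider for {@code EXCHANGED} and
 * {@code BOTH}; and populates the endpoint map for every type except {@code EXCHANGED}.
 *
 * @param organization organization passed to the DAO lookup and used to resolve the IdP domain
 * @param id           identifier passed to the DAO lookup
 * @return the prepared configuration, or {@code null} when the DAO returns no record
 * @throws APIManagementException if the linked identity provider cannot be retrieved
 */
@Override
public KeyManagerConfigurationDTO getKeyManagerConfigurationById(String organization, String id) throws APIManagementException {
    KeyManagerConfigurationDTO keyManagerConfigurationDTO = apiMgtDAO.getKeyManagerConfigurationByID(organization, id);
    if (keyManagerConfigurationDTO == null) {
        return null;
    }
    if (APIConstants.KeyManager.DEFAULT_KEY_MANAGER.equals(keyManagerConfigurationDTO.getName())) {
        APIUtil.getAndSetDefaultKeyManagerConfiguration(keyManagerConfigurationDTO);
    }
    // Locale.ROOT keeps the enum lookup independent of the JVM default locale; a bare
    // toUpperCase() maps "i" to a dotted capital under a Turkish locale, which would make
    // valueOf() reject "direct".
    // NOTE(review): a null token type still fails here with a NullPointerException, and an
    // unknown value with IllegalArgumentException - confirm stored records always carry one.
    // NOTE(review): EXCHANGED configurations skip maskValues entirely and are returned to the
    // caller as loaded - confirm they never hold secret properties.
    if (!KeyManagerConfiguration.TokenType.valueOf(keyManagerConfigurationDTO.getTokenType().toUpperCase(java.util.Locale.ROOT)).equals(KeyManagerConfiguration.TokenType.EXCHANGED)) {
        maskValues(keyManagerConfigurationDTO);
    }
    // NOTE(review): the masking check above ignores case, the two checks below do not. A
    // lower-case stored value would be treated as EXCHANGED for masking but not here.
    if (StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), keyManagerConfigurationDTO.getTokenType()) || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), keyManagerConfigurationDTO.getTokenType())) {
        try {
            if (keyManagerConfigurationDTO.getExternalReferenceId() != null) {
                IdentityProvider identityProvider = IdentityProviderManager.getInstance().getIdPByResourceId(keyManagerConfigurationDTO.getExternalReferenceId(), APIUtil.getInternalOrganizationDomain(organization), Boolean.FALSE);
                mergeIdpWithKeyManagerConfiguration(identityProvider, keyManagerConfigurationDTO);
            }
        } catch (IdentityProviderManagementException e) {
            // NOTE(review): the IdP layer's message text is forwarded in the exception message;
            // confirm it cannot carry internal detail that should stay out of API responses.
            throw new APIManagementException("IdP retrieval failed. " + e.getMessage(), e, ExceptionCodes.IDP_RETRIEVAL_FAILED);
        }
    }
    if (!StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), keyManagerConfigurationDTO.getTokenType())) {
        getKeyManagerEndpoints(keyManagerConfigurationDTO);
    }
    return keyManagerConfigurationDTO;
}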
Also used : KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)

Example 52 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method updateKeyManagerConfiguration.

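/**
 * Updates a stored Key Manager configuration and keeps its linked identity provider in step.
 *
 * <p>In order: validates the configuration unless the token type is {@code EXCHANGED}; loads
 * the stored record; for {@code EXCHANGED}/{@code BOTH} updates the existing identity
 * provider or adds a new one and records its resource id; deletes the identity provider when
 * the type changes from {@code EXCHANGED}/{@code BOTH} to {@code DIRECT}; then encrypts the
 * values, writes through the DAO and sends an update notification.
 *
 * @param keyManagerConfigurationDTO the new configuration; it is modified in place
 * @return the same DTO instance that was handed to the encryption step and the DAO
 * @throws APIManagementException if no stored record exists for the given organization and
 *                                UUID, or an identity provider add, update or delete fails
 */
@Override
public KeyManagerConfigurationDTO updateKeyManagerConfiguration(KeyManagerConfigurationDTO keyManagerConfigurationDTO) throws APIManagementException {
    // Locale.ROOT keeps the enum lookup independent of the JVM default locale.
    // NOTE(review): validation is skipped entirely for EXCHANGED - confirm that is intended.
    if (!KeyManagerConfiguration.TokenType.valueOf(keyManagerConfigurationDTO.getTokenType().toUpperCase(java.util.Locale.ROOT)).equals(KeyManagerConfiguration.TokenType.EXCHANGED)) {
        validateKeyManagerConfiguration(keyManagerConfigurationDTO);
        validateKeyManagerEndpointConfiguration(keyManagerConfigurationDTO);
    }
    KeyManagerConfigurationDTO oldKeyManagerConfiguration = apiMgtDAO.getKeyManagerConfigurationByID(keyManagerConfigurationDTO.getOrganization(), keyManagerConfigurationDTO.getUuid());
    // The stored record is dereferenced several times below. Fail with the declared exception
    // when the lookup finds nothing, before any identity provider is touched.
    if (oldKeyManagerConfiguration == null) {
        throw new APIManagementException("Key Manager configuration not found for UUID: " + keyManagerConfigurationDTO.getUuid());
    }
    if (StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), keyManagerConfigurationDTO.getTokenType()) || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), keyManagerConfigurationDTO.getTokenType())) {
        IdentityProvider identityProvider;
        try {
            if (StringUtils.isNotEmpty(oldKeyManagerConfiguration.getExternalReferenceId())) {
                IdentityProvider retrievedIDP = IdentityProviderManager.getInstance().getIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()), Boolean.FALSE);
                identityProvider = IdentityProviderManager.getInstance().updateIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), updatedIDP(retrievedIDP, keyManagerConfigurationDTO), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()));
            } else {
                identityProvider = IdentityProviderManager.getInstance().addIdPWithResourceId(createIdp(keyManagerConfigurationDTO), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()));
            }
        } catch (IdentityProviderManagementException e) {
            throw new APIManagementException("IdP adding failed. " + e.getMessage(), e, ExceptionCodes.IDP_ADDING_FAILED);
        }
        // Set once for both branches; the add branch no longer sets it a second time.
        keyManagerConfigurationDTO.setExternalReferenceId(identityProvider.getResourceId());
    }
    if ((StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), oldKeyManagerConfiguration.getTokenType()) || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), oldKeyManagerConfiguration.getTokenType())) && StringUtils.equals(KeyManagerConfiguration.TokenType.DIRECT.toString(), keyManagerConfigurationDTO.getTokenType())) {
        // The record no longer uses token exchange, so remove the identity provider created for it.
        if (StringUtils.isNotEmpty(oldKeyManagerConfiguration.getExternalReferenceId())) {
            try {
                IdentityProviderManager.getInstance().deleteIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()));
                keyManagerConfigurationDTO.setExternalReferenceId(null);
            } catch (IdentityProviderManagementException e) {
                throw new APIManagementException("IdP deletion failed. " + e.getMessage(), e, ExceptionCodes.IDP_DELETION_FAILED);
            }
        }
    }
    // NOTE(review): the identity provider changes above are not undone in this method if the
    // DAO update below fails, so the two stores can diverge - confirm how that is reconciled.
    encryptKeyManagerConfigurationValues(oldKeyManagerConfiguration, keyManagerConfigurationDTO);
    apiMgtDAO.updateKeyManagerConfiguration(keyManagerConfigurationDTO);
    // NOTE(review): the notification carries the result of the decrypt step - confirm the
    // event channel is restricted to trusted consumers.
    KeyManagerConfigurationDTO decryptedKeyManagerConfiguration = decryptKeyManagerConfigurationValues(keyManagerConfigurationDTO);
    new KeyMgtNotificationSender().notify(decryptedKeyManagerConfiguration, APIConstants.KeyManager.KeyManagerEvent.ACTION_UPDATE);
    return keyManagerConfigurationDTO;
}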
Also used : KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException) KeyMgtNotificationSender(org.wso2.carbon.apimgt.impl.keymgt.KeyMgtNotificationSender)

Example 53 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method getKeyManagerEndpoints.

/**
 * Replaces the DTO's endpoint map with a fresh one built from its properties.
 *
 * <p>For the default Key Manager type the map is left empty. For any other type, each
 * endpoint name declared by that type's connector configuration is looked up among the
 * DTO's properties and copied across when the value is a non-empty string.
 *
 * @param keyManagerConfigurationDTO configuration whose endpoint map is rebuilt
 */
private void getKeyManagerEndpoints(KeyManagerConfigurationDTO keyManagerConfigurationDTO) {
    Map<String, String> endpoints = new HashMap<>();
    // Attached before it is filled, as in the original ordering.
    keyManagerConfigurationDTO.setEndpoints(endpoints);

    String type = keyManagerConfigurationDTO.getType();
    if (APIConstants.KeyManager.DEFAULT_KEY_MANAGER_TYPE.equals(type)) {
        return;
    }

    // NOTE(review): the connector configuration is dereferenced without a null check;
    // confirm the lookup cannot return null for an unregistered type.
    KeyManagerConnectorConfiguration connector = ServiceReferenceHolder.getInstance().getKeyManagerConnectorConfiguration(type);
    List<ConfigurationDto> declaredEndpoints = connector.getEndpointConfigurations();
    if (declaredEndpoints == null) {
        return;
    }

    for (ConfigurationDto declared : declaredEndpoints) {
        String endpointName = declared.getName();
        Object candidate = keyManagerConfigurationDTO.getProperty(endpointName);
        // Only non-empty string values are treated as endpoints.
        if (!(candidate instanceof String)) {
            continue;
        }
        String endpointUrl = (String) candidate;
        if (StringUtils.isNotEmpty(endpointUrl)) {
            endpoints.put(endpointName, endpointUrl);
        }
    }
}
Also used : KeyManagerConnectorConfiguration(org.wso2.carbon.apimgt.api.model.KeyManagerConnectorConfiguration) ConfigurationDto(org.wso2.carbon.apimgt.api.model.ConfigurationDto) HashMap(java.util.HashMap) JsonObject(com.google.gson.JsonObject) JSONObject(org.json.simple.JSONObject)

Example 54 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method updatedIDP.

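/**
 * Builds the identity provider to store for a Key Manager update.
 *
 * <p>Starts from a clone of the retrieved identity provider and overwrites its name, display
 * name, description, alias, enabled flag, certificate or JWKS URI, issuer and claim mappings
 * from the Key Manager configuration.
 *
 * @param retrievedIDP               identity provider currently stored for this Key Manager
 * @param keyManagerConfigurationDTO configuration supplying the new values
 * @return the modified clone; {@code retrievedIDP} is passed only to {@code cloneIdentityProvider}
 */
private IdentityProvider updatedIDP(IdentityProvider retrievedIDP, KeyManagerConfigurationDTO keyManagerConfigurationDTO) {
    IdentityProvider identityProvider = cloneIdentityProvider(retrievedIDP);
    String idpName = sanitizeName(getSubstringOfTen(keyManagerConfigurationDTO.getName()) + "_" + keyManagerConfigurationDTO.getOrganization() + "_" + keyManagerConfigurationDTO.getUuid());
    identityProvider.setIdentityProviderName(idpName);
    identityProvider.setDisplayName(keyManagerConfigurationDTO.getDisplayName());
    identityProvider.setPrimary(Boolean.FALSE);
    identityProvider.setIdentityProviderDescription(keyManagerConfigurationDTO.getDescription());
    identityProvider.setAlias(keyManagerConfigurationDTO.getAlias());
    // NOTE(review): getAdditionalProperties() is dereferenced without a null check and the
    // values are cast to String unchecked - confirm the DTO guarantees both.
    String certificate = null;
    if (keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CERTIFICATE_VALUE)) {
        certificate = (String) keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.KeyManager.CERTIFICATE_VALUE);
    }
    String certificateType = null;
    if (keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CERTIFICATE_TYPE)) {
        certificateType = (String) keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.KeyManager.CERTIFICATE_TYPE);
    }
    List<IdentityProviderProperty> idpProperties = new ArrayList<>();
    if (StringUtils.isNotEmpty(certificate) && StringUtils.isNotEmpty(certificateType)) {
        if (APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT.equals(certificateType)) {
            // A whitespace-only value passes isNotEmpty above, so it is filtered here.
            // NOTE(review): the JWKS URI is stored as supplied; no scheme or host check is
            // visible in this method - confirm it is validated before this point.
            if (StringUtils.isNotBlank(certificate)) {
                IdentityProviderProperty jwksProperty = new IdentityProviderProperty();
                jwksProperty.setName(APIConstants.JWKS_URI);
                jwksProperty.setValue(certificate);
                idpProperties.add(jwksProperty);
            }
        } else if (APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE.equals(certificateType)) {
            // The previous String.join(certificate, "") used the certificate as the delimiter
            // around a single empty element, so it always produced "" and the PEM value was
            // never stored on the identity provider. Pass the value through unchanged.
            // NOTE(review): confirm the encoding setCertificate expects for PEM input.
            identityProvider.setCertificate(certificate);
        }
    }
    if (keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ISSUER) != null) {
        IdentityProviderProperty identityProviderProperty = new IdentityProviderProperty();
        identityProviderProperty.setName(IdentityApplicationConstants.IDP_ISSUER_NAME);
        identityProviderProperty.setValue((String) keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ISSUER));
        idpProperties.add(identityProviderProperty);
    }
    // The properties cloned from the retrieved identity provider are replaced only when
    // this update supplies at least one property.
    if (!idpProperties.isEmpty()) {
        identityProvider.setIdpProperties(idpProperties.toArray(new IdentityProviderProperty[0]));
    }
    identityProvider.setEnable(keyManagerConfigurationDTO.isEnabled());
    Object claims = keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.CLAIM_MAPPING);
    updateClaims(identityProvider, claims);
    return identityProvider;
}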
Also used : IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) ArrayList(java.util.ArrayList) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) JsonObject(com.google.gson.JsonObject) JSONObject(org.json.simple.JSONObject)

Example 55 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIConsumerImpl method getApplicationKeyByAppIDAndKeyMapping.

/**
 * Returns the key mapping of an application, enriched with OAuth client details.
 *
 * <p>The mapping is read through the DAO. When its Key Manager configuration, a Key Manager
 * instance for this tenant and the OAuth application can all be resolved, the consumer
 * secret, grant types, callback URL and additional properties are copied onto the result.
 * If any of those lookups yields {@code null}, the mapping is returned as loaded.
 *
 * @param applicationId application that owns the key mapping
 * @param keyMappingId  identifier of the key mapping
 * @return the key mapping, with OAuth client details when they could be resolved
 * @throws APIManagementException declared by this method; none is raised directly in this body
 */
@Override
public APIKey getApplicationKeyByAppIDAndKeyMapping(int applicationId, String keyMappingId) throws APIManagementException {
    // NOTE(review): the DAO result is dereferenced without a null check - confirm the DAO
    // never returns null for an unknown application or mapping id.
    // NOTE(review): the result carries the client secret and no access check is visible in
    // this method - confirm callers authorize the request first.
    APIKey apiKey = apiMgtDAO.getKeyMappingFromApplicationIdAndKeyMappingId(applicationId, keyMappingId);
    String keyManagerId = apiKey.getKeyManager();
    String consumerKey = apiKey.getConsumerKey();

    KeyManagerConfigurationDTO configuration = apiMgtDAO.getKeyManagerConfigurationByUUID(keyManagerId);
    if (configuration == null) {
        return apiKey;
    }

    KeyManager resolvedKeyManager = KeyManagerHolder.getKeyManagerInstance(this.tenantDomain, configuration.getName());
    if (resolvedKeyManager == null) {
        return apiKey;
    }

    OAuthApplicationInfo oauthApp = resolvedKeyManager.retrieveApplication(consumerKey);
    if (oauthApp == null) {
        return apiKey;
    }

    // Copy the client details reported by the Key Manager onto the mapping.
    apiKey.setConsumerSecret(oauthApp.getClientSecret());
    apiKey.setGrantTypes((String) oauthApp.getParameter(APIConstants.JSON_GRANT_TYPES));
    apiKey.setCallbackUrl(oauthApp.getCallBackURL());
    apiKey.setAdditionalProperties(oauthApp.getParameter(APIConstants.JSON_ADDITIONAL_PROPERTIES));
    return apiKey;
}
Also used : APIKey(org.wso2.carbon.apimgt.api.model.APIKey) KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) OAuthApplicationInfo(org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo) KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)

Aggregations

KeyManagerConfigurationDTO (org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO)43 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)30 Gson (com.google.gson.Gson)16 ArrayList (java.util.ArrayList)13 HashMap (java.util.HashMap)12 OAuthApplicationInfo (org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo)11 JSONObject (org.json.simple.JSONObject)10 JsonObject (com.google.gson.JsonObject)9 PreparedStatement (java.sql.PreparedStatement)9 KeyManager (org.wso2.carbon.apimgt.api.model.KeyManager)9 OAuthAppRequest (org.wso2.carbon.apimgt.api.model.OAuthAppRequest)9 Map (java.util.Map)8 APIAdmin (org.wso2.carbon.apimgt.api.APIAdmin)8 APIAdminImpl (org.wso2.carbon.apimgt.impl.APIAdminImpl)8 ByteArrayInputStream (java.io.ByteArrayInputStream)7 Connection (java.sql.Connection)7 SQLException (java.sql.SQLException)7 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)7 LinkedHashMap (java.util.LinkedHashMap)6 Application (org.wso2.carbon.apimgt.api.model.Application)6