Examples with KeyManagerDTO org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO used on opensource projects

Example 11 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class APIProviderImpl method registerOrUpdateResourceInKeyManager.

/**
 * Notify the key manager with API update or addition
 *
 * @param api API
 * @param tenantDomain
 * @throws APIManagementException when error occurs when register/update API at Key Manager side
 */
private void registerOrUpdateResourceInKeyManager(API api, String tenantDomain) throws APIManagementException {
    // get new key manager instance for  resource registration.
    Map<String, KeyManagerDto> tenantKeyManagers = KeyManagerHolder.getTenantKeyManagers(tenantDomain);
    for (Map.Entry<String, KeyManagerDto> keyManagerDtoEntry : tenantKeyManagers.entrySet()) {
        KeyManager keyManager = keyManagerDtoEntry.getValue().getKeyManager();
        if (keyManager != null) {
            try {
                Map registeredResource = keyManager.getResourceByApiId(api.getId().toString());
                if (registeredResource == null) {
                    boolean isNewResourceRegistered = keyManager.registerNewResource(api, null);
                    if (!isNewResourceRegistered) {
                        log.warn("APIResource registration is failed while adding the API- " + api.getId().getApiName() + "-" + api.getId().getVersion() + " into Key Manager : " + keyManagerDtoEntry.getKey());
                    }
                } else {
                    // update APIResource.
                    String resourceId = (String) registeredResource.get("resourceId");
                    if (resourceId == null) {
                        handleException("APIResource update is failed because of empty resourceID.");
                    }
                    keyManager.updateRegisteredResource(api, registeredResource);
                }
            } catch (APIManagementException e) {
                log.error("API Resource Registration failed in Key Manager " + keyManagerDtoEntry.getKey(), e);
            }
        }
    }
}

Example 12 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class DefaultKeyValidationHandler method getAccessTokenInfo.

private AccessTokenInfo getAccessTokenInfo(TokenValidationContext validationContext) throws APIManagementException {
    Object cachedAccessTokenInfo = CacheProvider.createIntrospectionCache().get(validationContext.getAccessToken());
    if (cachedAccessTokenInfo != null) {
        log.debug("AccessToken available in introspection Cache.");
        return (AccessTokenInfo) cachedAccessTokenInfo;
    }
    String electedKeyManager = null;
    // Obtaining details about the token.
    if (StringUtils.isNotEmpty(validationContext.getTenantDomain())) {
        Map<String, KeyManagerDto> tenantKeyManagers = KeyManagerHolder.getTenantKeyManagers(validationContext.getTenantDomain());
        KeyManager keyManagerInstance = null;
        if (tenantKeyManagers.values().size() == 1) {
            log.debug("KeyManager count is 1");
            Map.Entry<String, KeyManagerDto> entry = tenantKeyManagers.entrySet().iterator().next();
            if (entry != null) {
                KeyManagerDto keyManagerDto = entry.getValue();
                if (keyManagerDto != null && (validationContext.getKeyManagers().contains(APIConstants.KeyManager.API_LEVEL_ALL_KEY_MANAGERS) || validationContext.getKeyManagers().contains(keyManagerDto.getName()))) {
                    if (log.isDebugEnabled()) {
                        log.debug("KeyManager " + keyManagerDto.getName() + " Available in API level KM list " + String.join(",", validationContext.getKeyManagers()));
                    }
                    if (keyManagerDto.getKeyManager() != null && keyManagerDto.getKeyManager().canHandleToken(validationContext.getAccessToken())) {
                        if (log.isDebugEnabled()) {
                            log.debug("KeyManager " + keyManagerDto.getName() + " can handle the token");
                        }
                        keyManagerInstance = keyManagerDto.getKeyManager();
                        electedKeyManager = entry.getKey();
                    }
                }
            }
        } else if (tenantKeyManagers.values().size() > 1) {
            log.debug("KeyManager count is > 1");
            if (validationContext.getKeyManagers().contains(APIConstants.KeyManager.API_LEVEL_ALL_KEY_MANAGERS)) {
                if (log.isDebugEnabled()) {
                    log.debug("API level KeyManagers contains " + APIConstants.KeyManager.API_LEVEL_ALL_KEY_MANAGERS);
                }
                for (Map.Entry<String, KeyManagerDto> keyManagerDtoEntry : tenantKeyManagers.entrySet()) {
                    if (keyManagerDtoEntry.getValue().getKeyManager() != null && keyManagerDtoEntry.getValue().getKeyManager().canHandleToken(validationContext.getAccessToken())) {
                        if (log.isDebugEnabled()) {
                            log.debug("KeyManager " + keyManagerDtoEntry.getValue().getName() + " can handle the token");
                        }
                        keyManagerInstance = keyManagerDtoEntry.getValue().getKeyManager();
                        electedKeyManager = keyManagerDtoEntry.getKey();
                        break;
                    }
                }
            } else {
                for (String selectedKeyManager : validationContext.getKeyManagers()) {
                    KeyManagerDto keyManagerDto = tenantKeyManagers.get(selectedKeyManager);
                    if (keyManagerDto != null && keyManagerDto.getKeyManager() != null && keyManagerDto.getKeyManager().canHandleToken(validationContext.getAccessToken())) {
                        if (log.isDebugEnabled()) {
                            log.debug("KeyManager " + keyManagerDto.getName() + " can handle the token");
                        }
                        keyManagerInstance = keyManagerDto.getKeyManager();
                        electedKeyManager = selectedKeyManager;
                        break;
                    }
                }
            }
        }
        if (keyManagerInstance != null) {
            log.debug("KeyManager instance available to validate token.");
            AccessTokenInfo tokenInfo = keyManagerInstance.getTokenMetaData(validationContext.getAccessToken());
            tokenInfo.setKeyManager(electedKeyManager);
            CacheProvider.getGatewayIntrospectCache().put(validationContext.getAccessToken(), tokenInfo);
            return tokenInfo;
        } else {
            AccessTokenInfo tokenInfo = new AccessTokenInfo();
            tokenInfo.setTokenValid(false);
            tokenInfo.setErrorcode(APIConstants.KeyValidationStatus.API_AUTH_INVALID_CREDENTIALS);
            log.debug("KeyManager not available to authorize token.");
            return tokenInfo;
        }
    }
    return null;
}

Example 13 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class KeymanagersApiServiceImpl method keymanagersGet.

public Response keymanagersGet(String xWSO2Tenant, MessageContext messageContext) {
    xWSO2Tenant = SubscriptionValidationDataUtil.validateTenantDomain(xWSO2Tenant, messageContext);
    try {
        APIAdmin apiAdmin = new APIAdminImpl();
        List<KeyManagerConfigurationDTO> keyManagerConfigurations = apiAdmin.getKeyManagerConfigurationsByOrganization(xWSO2Tenant);
        List<KeyManagerDTO> keyManagerDTOList = new ArrayList<>();
        for (KeyManagerConfigurationDTO keyManagerConfiguration : keyManagerConfigurations) {
            keyManagerDTOList.add(toKeyManagerDTO(xWSO2Tenant, keyManagerConfiguration));
        }
        return Response.ok(keyManagerDTOList).build();
    } catch (APIManagementException e) {
        RestApiUtil.handleInternalServerError("Error while retrieving key manager configurations", e, log);
    }
    return null;
}

Example 14 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class JWTValidationServiceImpl method validateJWTToken.

@Override
public JWTValidationInfo validateJWTToken(SignedJWTInfo signedJWTInfo) throws APIManagementException {
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    JWTValidationInfo jwtValidationInfo = new JWTValidationInfo();
    String issuer = signedJWTInfo.getJwtClaimsSet().getIssuer();
    if (StringUtils.isNotEmpty(issuer)) {
        KeyManagerDto keyManagerDto = KeyManagerHolder.getKeyManagerByIssuer(tenantDomain, issuer);
        if (keyManagerDto != null && keyManagerDto.getJwtValidator() != null) {
            JWTValidationInfo validationInfo = keyManagerDto.getJwtValidator().validateToken(signedJWTInfo);
            validationInfo.setKeyManager(keyManagerDto.getName());
            return validationInfo;
        }
    }
    jwtValidationInfo.setValid(false);
    jwtValidationInfo.setValidationCode(APIConstants.KeyValidationStatus.API_AUTH_GENERAL_ERROR);
    return jwtValidationInfo;
}

Example 15 with KeyManagerDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.

the class JWTValidationServiceImpl method getKeyManagerNameIfJwtValidatorExist.

@Override
public String getKeyManagerNameIfJwtValidatorExist(SignedJWTInfo signedJWTInfo) throws APIManagementException {
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    String issuer = signedJWTInfo.getJwtClaimsSet().getIssuer();
    KeyManagerDto keyManagerDto = KeyManagerHolder.getKeyManagerByIssuer(tenantDomain, issuer);
    if (keyManagerDto != null && keyManagerDto.getJwtValidator() != null) {
        return keyManagerDto.getName();
    } else {
        return null;
    }
}