Example 6 with EndpointSecurityModel
use of org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.EndpointSecurityModel in project carbon-apimgt by wso2.
the class SecurityConfigContextTest method testSecurityConfigContextPerEndpointSandbox.
@Test
public void testSecurityConfigContextPerEndpointSandbox() throws Exception {
String json = "{\"endpoint_security\":{\n" + " \"sandbox\":{\n" + " \"enabled\":true,\n" + " \"type\":\"DIGEST\",\n" + " \"username\":\"admin\",\n" + " \"password\":\"admin123#QA\"\n" + " }\n" + " }\n" + "}";
API api = new API(new APIIdentifier("admin", "TestAPI", "1.0.0"));
api.setStatus(APIConstants.CREATED);
api.setContextTemplate("/");
api.setTransports(Constants.TRANSPORT_HTTP);
api.setEndpointConfig(json);
ConfigContext configcontext = new APIConfigContext(api);
Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
SecurityConfigContext securityConfigContext = new SecurityConfigContextWrapper(configcontext, api, apiManagerConfiguration);
securityConfigContext.validate();
VelocityContext velocityContext = securityConfigContext.getContext();
Assert.assertNotNull(velocityContext.get("endpoint_security"));
Map<String, EndpointSecurityModel> endpointSecurityModelMap = (Map<String, EndpointSecurityModel>) velocityContext.get("endpoint_security");
EndpointSecurityModel sandbox = endpointSecurityModelMap.get("sandbox");
Assert.assertTrue("Property enabled cannot be false.", sandbox.isEnabled());
Assert.assertTrue("Property type cannot be other.", sandbox.getType().equalsIgnoreCase("digest"));
Assert.assertTrue("Property username does not match.", "admin".equals(sandbox.getUsername()));
Assert.assertTrue("Property base64value does not match. ", new String(Base64.encodeBase64("admin:admin123#QA".getBytes())).equalsIgnoreCase(sandbox.getBase64EncodedPassword()));
Assert.assertTrue("Property securevault_alias does not match.", "TestAPI--v1.0.0--sandbox".equalsIgnoreCase(sandbox.getAlias()));
Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ", velocityContext.get("isSecureVaultEnabled").equals(true));
EndpointSecurityModel production = endpointSecurityModelMap.get("production");
Assert.assertFalse("Property enabled cannot be true.", production.isEnabled());
}
Also used :
SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext)
VelocityContext(org.apache.velocity.VelocityContext)
EndpointSecurityModel(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.EndpointSecurityModel)
API(org.wso2.carbon.apimgt.api.model.API)
APIIdentifier(org.wso2.carbon.apimgt.api.model.APIIdentifier)
HashMap(java.util.HashMap)
Map(java.util.Map)
APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext)
ConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContext)
SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext)
APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext)
Test(org.junit.Test)
Example 7 with EndpointSecurityModel
use of org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.EndpointSecurityModel in project carbon-apimgt by wso2.
the class SecurityConfigContext method getContext.
public VelocityContext getContext() {
VelocityContext context = super.getContext();
boolean isSecureVaultEnabled = Boolean.parseBoolean(getApiManagerConfiguration().getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE));
if (api != null) {
Map<String, EndpointSecurityModel> endpointSecurityModelMap = new HashMap<>();
endpointSecurityModelMap.put(APIConstants.ENDPOINT_SECURITY_PRODUCTION, new EndpointSecurityModel());
endpointSecurityModelMap.put(APIConstants.ENDPOINT_SECURITY_SANDBOX, new EndpointSecurityModel());
if (StringUtils.isNotEmpty(api.getEndpointConfig())) {
if (productionEndpointSecurity != null) {
EndpointSecurityModel endpointSecurityModel = new ObjectMapper().convertValue(productionEndpointSecurity, EndpointSecurityModel.class);
endpointSecurityModel = retrieveEndpointSecurityModel(endpointSecurityModel, api.getId().getApiName(), api.getId().getVersion(), api.getUuid(), APIConstants.ENDPOINT_SECURITY_PRODUCTION, null);
if (endpointSecurityModel != null) {
endpointSecurityModelMap.put(APIConstants.ENDPOINT_SECURITY_PRODUCTION, endpointSecurityModel);
}
}
if (sandboxEndpointSecurity != null) {
EndpointSecurityModel endpointSecurityModel = new ObjectMapper().convertValue(sandboxEndpointSecurity, EndpointSecurityModel.class);
endpointSecurityModel = retrieveEndpointSecurityModel(endpointSecurityModel, api.getId().getApiName(), api.getId().getVersion(), api.getUuid(), APIConstants.ENDPOINT_SECURITY_SANDBOX, null);
if (endpointSecurityModel != null) {
endpointSecurityModelMap.put(APIConstants.ENDPOINT_SECURITY_SANDBOX, endpointSecurityModel);
}
}
}
context.put("endpoint_security", endpointSecurityModelMap);
} else if (apiProduct != null) {
Map<String, Map<String, EndpointSecurityModel>> endpointSecurityModelMap = new HashMap<>();
for (APIProductResource apiProductResource : apiProduct.getProductResources()) {
APIDTO apidto = associatedAPIMap.get(apiProductResource.getApiId());
String alias = apiProduct.getId().getName() + "--v" + apiProduct.getId().getVersion();
Map<String, EndpointSecurityModel> stringEndpointSecurityModelMap = new HashMap<>();
Map<String, EndpointSecurity> endpointSecurityMap = apiProductResource.getEndpointSecurityMap();
for (Map.Entry<String, EndpointSecurity> endpointSecurityEntry : endpointSecurityMap.entrySet()) {
EndpointSecurityModel endpointSecurityModel = new EndpointSecurityModel(endpointSecurityEntry.getValue());
endpointSecurityModel = retrieveEndpointSecurityModel(endpointSecurityModel, apidto.getName(), apidto.getVersion(), apidto.getId(), endpointSecurityEntry.getKey(), alias);
stringEndpointSecurityModelMap.put(endpointSecurityEntry.getKey(), endpointSecurityModel);
}
endpointSecurityModelMap.put(apiProductResource.getApiId(), stringEndpointSecurityModelMap);
}
context.put("endpoint_security", endpointSecurityModelMap);
}
context.put("isSecureVaultEnabled", isSecureVaultEnabled);
return context;
}
Also used :
APIDTO(org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIDTO)
HashMap(java.util.HashMap)
APIProductResource(org.wso2.carbon.apimgt.api.model.APIProductResource)
VelocityContext(org.apache.velocity.VelocityContext)
HashMap(java.util.HashMap)
Map(java.util.Map)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Aggregations
HashMap (java.util.HashMap)7
Map (java.util.Map)7
VelocityContext (org.apache.velocity.VelocityContext)7
Test (org.junit.Test)6
APIIdentifier (org.wso2.carbon.apimgt.api.model.APIIdentifier)6
APIConfigContext (org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext)6
ConfigContext (org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContext)6
EndpointSecurityModel (org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.EndpointSecurityModel)6
SecurityConfigContext (org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext)6
API (org.wso2.carbon.apimgt.api.model.API)4
APIProductResource (org.wso2.carbon.apimgt.api.model.APIProductResource)3
APIDTO (org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIDTO)3
ArrayList (java.util.ArrayList)2
APIProduct (org.wso2.carbon.apimgt.api.model.APIProduct)2
APIProductIdentifier (org.wso2.carbon.apimgt.api.model.APIProductIdentifier)2
EndpointSecurity (org.wso2.carbon.apimgt.api.model.EndpointSecurity)2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1
