Search in sources :

Example 1 with AbstractOAuthAuthenticator

use of org.wso2.carbon.apimgt.rest.api.util.authenticators.AbstractOAuthAuthenticator in project carbon-apimgt by wso2.

the class OAuthAuthenticationInterceptor method handleMessage.

@Override
@MethodStats
public void handleMessage(Message inMessage) {
    // by-passes the interceptor if user calls an anonymous api
    if (RestApiUtil.checkIfAnonymousAPI(inMessage)) {
        return;
    }
    HashMap<String, Object> authContext = JWTAuthenticationUtils.addToJWTAuthenticationContext(inMessage);
    RestAPIAuthenticator authenticator = RestAPIAuthenticationManager.getAuthenticator(authContext);
    if (authenticator != null) {
        try {
            String authenticationType = authenticator.getAuthenticationType();
            inMessage.put(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME, authenticator.getAuthenticationType());
            String basePath = (String) inMessage.get(RestApiConstants.BASE_PATH);
            String version = (String) inMessage.get(RestApiConstants.API_VERSION);
            authContext.put(RestApiConstants.URI_TEMPLATES, RestApiUtil.getURITemplatesForBasePath(basePath + version));
            authContext.put(RestApiConstants.ORG_ID, RestApiUtil.resolveOrganization(inMessage));
            if (authenticator.authenticate(authContext)) {
                inMessage = JWTAuthenticationUtils.addToMessageContext(inMessage, authContext);
                if (logger.isDebugEnabled()) {
                    logger.debug("Request has been Authenticated , authentication type : " + authenticationType);
                }
            } else {
                logger.error("Failed to Authenticate , authentication type : " + authenticationType);
                throw new AuthenticationException("Unauthenticated request");
            }
        } catch (APIManagementException e) {
            logger.error("Authentication Failure " + e.getMessage());
            return;
        }
    }
    // Following logic will be moved to separate class in near future
    if (authenticator == null) {
        String accessToken = RestApiUtil.extractOAuthAccessTokenFromMessage(inMessage, RestApiConstants.REGEX_BEARER_PATTERN, RestApiConstants.AUTH_HEADER_NAME);
        // add masked token to the Message
        inMessage.put(RestApiConstants.MASKED_TOKEN, APIUtil.getMaskedToken(accessToken));
        if (accessToken == null) {
            return;
        }
        if (accessToken.contains(RestApiConstants.DOT)) {
            inMessage.put(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME, RestApiConstants.JWT_AUTHENTICATION);
        } else {
            inMessage.put(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME, RestApiConstants.OPAQUE_AUTHENTICATION);
        }
        try {
            if (logger.isDebugEnabled()) {
                logger.debug(String.format("Authenticating request with : " + inMessage.get(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME)) + "Authentication");
            }
            AbstractOAuthAuthenticator abstractOAuthAuthenticator = authenticatorMap.get(inMessage.get(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME));
            logger.debug("Selected Authenticator for the token validation " + abstractOAuthAuthenticator);
            if (abstractOAuthAuthenticator.authenticate(inMessage)) {
                if (logger.isDebugEnabled()) {
                    logger.debug("User logged into Web app using OAuth Authentication");
                }
            } else {
                throw new AuthenticationException("Unauthenticated request");
            }
        } catch (APIManagementException e) {
            logger.error("Error while authenticating incoming request to API Manager REST API", e);
        }
    }
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) AuthenticationException(org.apache.cxf.interceptor.security.AuthenticationException) AbstractOAuthAuthenticator(org.wso2.carbon.apimgt.rest.api.util.authenticators.AbstractOAuthAuthenticator) RestAPIAuthenticator(org.wso2.carbon.apimgt.rest.api.common.RestAPIAuthenticator) MethodStats(org.wso2.carbon.apimgt.rest.api.util.MethodStats)

Aggregations

AuthenticationException (org.apache.cxf.interceptor.security.AuthenticationException)1 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)1 RestAPIAuthenticator (org.wso2.carbon.apimgt.rest.api.common.RestAPIAuthenticator)1 MethodStats (org.wso2.carbon.apimgt.rest.api.util.MethodStats)1 AbstractOAuthAuthenticator (org.wso2.carbon.apimgt.rest.api.util.authenticators.AbstractOAuthAuthenticator)1