Use of org.wso2.carbon.apimgt.rest.api.util.authenticators.AbstractOAuthAuthenticator in project carbon-apimgt by wso2:
the handleMessage method of the OAuthAuthenticationInterceptor class.
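@Override
@MethodStats
public void handleMessage(Message inMessage) {
    /*
     * CXF in-interceptor that authenticates a REST API request.
     *
     * Flow:
     *   1. Anonymous APIs are let through untouched.
     *   2. If a pluggable RestAPIAuthenticator matches the request, it is run.
     *   3. Otherwise the legacy bearer-token path (JWT or opaque OAuth token) is used.
     *
     * A request that is rejected, or whose credential validation fails with an error, is refused
     * with an AuthenticationException so the chain never continues with unverified credentials.
     */
    // Anonymous APIs need no credentials: skip authentication entirely.
    if (RestApiUtil.checkIfAnonymousAPI(inMessage)) {
        return;
    }
    HashMap<String, Object> authContext = JWTAuthenticationUtils.addToJWTAuthenticationContext(inMessage);
    RestAPIAuthenticator authenticator = RestAPIAuthenticationManager.getAuthenticator(authContext);
    if (authenticator != null) {
        authenticateWithRegisteredAuthenticator(inMessage, authenticator, authContext);
    } else {
        // Legacy bearer-token handling; the original code notes it is to be moved to its own class.
        authenticateWithOAuthToken(inMessage);
    }
}

/**
 * Runs the pluggable {@link RestAPIAuthenticator} selected for this request.
 *
 * @param inMessage      the CXF message; receives the authentication scheme and, on success,
 *                       whatever {@code JWTAuthenticationUtils.addToMessageContext} stores on it
 * @param authenticator  the authenticator chosen by {@code RestAPIAuthenticationManager}
 * @param authContext    context map the authenticator evaluates; URI templates and organisation
 *                       are added here before the call
 * @throws AuthenticationException if the authenticator rejects the request, or if an
 *                                 {@code APIManagementException} occurs while evaluating it
 */
private void authenticateWithRegisteredAuthenticator(Message inMessage, RestAPIAuthenticator authenticator,
                                                     HashMap<String, Object> authContext) {
    String authenticationType = authenticator.getAuthenticationType();
    inMessage.put(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME, authenticationType);
    String basePath = (String) inMessage.get(RestApiConstants.BASE_PATH);
    String version = (String) inMessage.get(RestApiConstants.API_VERSION);
    boolean authenticated;
    try {
        authContext.put(RestApiConstants.URI_TEMPLATES, RestApiUtil.getURITemplatesForBasePath(basePath + version));
        authContext.put(RestApiConstants.ORG_ID, RestApiUtil.resolveOrganization(inMessage));
        authenticated = authenticator.authenticate(authContext);
        if (authenticated) {
            // Return value is not needed: nothing on this path reads the message afterwards.
            JWTAuthenticationUtils.addToMessageContext(inMessage, authContext);
        }
    } catch (APIManagementException e) {
        // Fail closed. Previously this only logged and returned, which let the interceptor chain
        // continue without a verified principal; an error during credential validation is
        // treated as a rejected request instead. Keep the stack trace for troubleshooting.
        logger.error("Authentication Failure , authentication type : " + authenticationType, e);
        throw new AuthenticationException("Unauthenticated request");
    }
    if (!authenticated) {
        logger.error("Failed to Authenticate , authentication type : " + authenticationType);
        throw new AuthenticationException("Unauthenticated request");
    }
    if (logger.isDebugEnabled()) {
        logger.debug("Request has been Authenticated , authentication type : " + authenticationType);
    }
}

/**
 * Legacy OAuth path: extracts the bearer token, picks the JWT or opaque-token authenticator and
 * validates the token with it.
 *
 * @param inMessage the CXF message; receives the masked token and the chosen authentication scheme
 * @throws AuthenticationException if no authenticator is registered for the token's scheme, if the
 *                                 authenticator rejects the token, or if validation fails with an
 *                                 {@code APIManagementException}
 */
private void authenticateWithOAuthToken(Message inMessage) {
    String accessToken = RestApiUtil.extractOAuthAccessTokenFromMessage(inMessage,
            RestApiConstants.REGEX_BEARER_PATTERN, RestApiConstants.AUTH_HEADER_NAME);
    // Only a masked form of the token is kept on the message; the raw token must not end up in logs.
    inMessage.put(RestApiConstants.MASKED_TOKEN, APIUtil.getMaskedToken(accessToken));
    if (accessToken == null) {
        // No bearer token present. Preserved from the original: the interceptor does not reject here.
        // NOTE(review): whether a later interceptor or the resource refuses the request is not
        // visible from this class - confirm, otherwise this is a fail-open path.
        return;
    }
    // Heuristic only: a '.' in the token is taken to mean a JWT, anything else an opaque token.
    // The selected authenticator still performs the real validation.
    boolean looksLikeJwt = accessToken.contains(RestApiConstants.DOT);
    inMessage.put(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME,
            looksLikeJwt ? RestApiConstants.JWT_AUTHENTICATION : RestApiConstants.OPAQUE_AUTHENTICATION);
    Object scheme = inMessage.get(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME);
    AbstractOAuthAuthenticator oauthAuthenticator = authenticatorMap.get(scheme);
    if (oauthAuthenticator == null) {
        // Explicit rejection instead of a NullPointerException from the call below.
        logger.error("No authenticator registered for authentication scheme : " + scheme);
        throw new AuthenticationException("Unauthenticated request");
    }
    if (logger.isDebugEnabled()) {
        logger.debug("Authenticating request with : " + scheme + " Authentication");
        logger.debug("Selected Authenticator for the token validation " + oauthAuthenticator);
    }
    boolean authenticated;
    try {
        authenticated = oauthAuthenticator.authenticate(inMessage);
    } catch (APIManagementException e) {
        // Fail closed: previously the error was only logged and the chain continued.
        logger.error("Error while authenticating incoming request to API Manager REST API", e);
        throw new AuthenticationException("Unauthenticated request");
    }
    if (!authenticated) {
        throw new AuthenticationException("Unauthenticated request");
    }
    if (logger.isDebugEnabled()) {
        logger.debug("User logged into Web app using OAuth Authentication");
    }
}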