use of org.wso2.carbon.apimgt.rest.integration.tests.store.auth.OAuth in project carbon-apimgt by wso2.
the class APIDefinitionFromSwagger20 method generateSwaggerFromResources.
/**
* generate the swagger from uri templates.
*
* @param api API Object
* @return Generated swagger resources as string.
*/
@Override
public String generateSwaggerFromResources(API.APIBuilder api) {
Swagger swagger = new Swagger();
Info info = new Info();
info.setTitle(api.getName());
info.setDescription(api.getDescription());
Contact contact = new Contact();
if (api.getBusinessInformation() != null) {
BusinessInformation businessInformation = api.getBusinessInformation();
contact.setName(businessInformation.getBusinessOwner());
contact.setEmail(businessInformation.getBusinessOwnerEmail());
}
info.setContact(contact);
info.setVersion(api.getVersion());
swagger.setInfo(info);
addSecuritySchemeToSwaggerDefinition(swagger, api.build());
Map<String, Path> stringPathMap = new HashMap();
for (UriTemplate uriTemplate : api.getUriTemplates().values()) {
String uriTemplateString = uriTemplate.getUriTemplate();
List<Parameter> parameterList = getParameters(uriTemplateString);
if (uriTemplate.getParameters() == null || uriTemplate.getParameters().isEmpty()) {
if (!HttpMethod.GET.toString().equalsIgnoreCase(uriTemplate.getHttpVerb()) && !HttpMethod.DELETE.toString().equalsIgnoreCase(uriTemplate.getHttpVerb()) && !HttpMethod.OPTIONS.toString().equalsIgnoreCase(uriTemplate.getHttpVerb()) && !HttpMethod.HEAD.toString().equalsIgnoreCase(uriTemplate.getHttpVerb())) {
parameterList.add(getDefaultBodyParameter());
}
} else {
for (URITemplateParam uriTemplateParam : uriTemplate.getParameters()) {
Parameter parameter = getParameterFromURITemplateParam(uriTemplateParam);
parameterList.add(parameter);
}
}
Operation operation = new Operation();
operation.setParameters(parameterList);
operation.setOperationId(uriTemplate.getTemplateId());
// having content types like */* can break swagger definition
if (!StringUtils.isEmpty(uriTemplate.getContentType()) && !uriTemplate.getContentType().contains("*")) {
List<String> consumesList = new ArrayList<>();
consumesList.add(uriTemplate.getContentType());
operation.setConsumes(consumesList);
}
operation.addResponse("200", getDefaultResponse());
if (!APIMgtConstants.AUTH_NO_AUTHENTICATION.equals(uriTemplate.getAuthType()) && ((api.getSecurityScheme() & 2) == 2)) {
log.debug("API security scheme : API Key Scheme ---- Resource Auth Type : Not None");
operation.addSecurity(APIMgtConstants.SWAGGER_APIKEY, null);
}
if (!APIMgtConstants.AUTH_NO_AUTHENTICATION.equals(uriTemplate.getAuthType()) && ((api.getSecurityScheme() & 1) == 1)) {
log.debug("API security scheme : Oauth Scheme ---- Resource Auth Type : Not None");
operation.addSecurity(APIMgtConstants.SWAGGER_OAUTH2, null);
}
if (stringPathMap.containsKey(uriTemplateString)) {
Path path = stringPathMap.get(uriTemplateString);
path.set(uriTemplate.getHttpVerb().toLowerCase(), operation);
} else {
Path path = new Path();
path.set(uriTemplate.getHttpVerb().toLowerCase(), operation);
stringPathMap.put(uriTemplateString, path);
}
}
swagger.setPaths(stringPathMap);
swagger.setPaths(stringPathMap);
return Json.pretty(swagger);
}
use of org.wso2.carbon.apimgt.rest.integration.tests.store.auth.OAuth in project carbon-apimgt by wso2.
the class ApplicationUtils method createAccessTokenRequest.
public static AccessTokenRequest createAccessTokenRequest(OAuthApplicationInfo oAuthApplication) throws APIManagementException {
AccessTokenRequest tokenRequest = new AccessTokenRequest();
if (oAuthApplication.getClientId() != null || oAuthApplication.getClientSecret() != null) {
tokenRequest.setClientId(oAuthApplication.getClientId());
tokenRequest.setClientSecret(oAuthApplication.getClientSecret());
} else {
throw new KeyManagementException("Consumer key or Consumer Secret is missing.");
}
if (oAuthApplication.getParameter(KeyManagerConstants.TOKEN_SCOPES) != null) {
String tokenScopes = (String) oAuthApplication.getParameter(KeyManagerConstants.TOKEN_SCOPES);
tokenRequest.setScopes(tokenScopes);
oAuthApplication.addParameter(KeyManagerConstants.OAUTH_CLIENT_TOKEN_SCOPE, tokenScopes);
}
tokenRequest.setGrantType(KeyManagerConstants.CLIENT_CREDENTIALS_GRANT_TYPE);
if (oAuthApplication.getParameter(KeyManagerConstants.VALIDITY_PERIOD) != null) {
tokenRequest.setValidityPeriod(Long.parseLong((String) oAuthApplication.getParameter(KeyManagerConstants.VALIDITY_PERIOD)));
} else {
throw new KeyManagementException("Validity period missing for generated oAuth keys");
}
return tokenRequest;
}
use of org.wso2.carbon.apimgt.rest.integration.tests.store.auth.OAuth in project carbon-apimgt by wso2.
the class AuthenticatorServiceTestCase method testGetAuthenticationConfigurationsForPublisher.
@Test
public void testGetAuthenticationConfigurationsForPublisher() throws Exception {
// Happy Path - 200
// // Mocked response object from DCR api
SystemApplicationDao systemApplicationDao = Mockito.mock(SystemApplicationDao.class);
Mockito.when(systemApplicationDao.isConsumerKeyExistForApplication("store")).thenReturn(false);
APIMConfigurationService apimConfigurationService = Mockito.mock(APIMConfigurationService.class);
EnvironmentConfigurations environmentConfigurations = new EnvironmentConfigurations();
Mockito.when(apimConfigurationService.getEnvironmentConfigurations()).thenReturn(environmentConfigurations);
APIMAppConfigurationService apimAppConfigurationService = Mockito.mock(APIMAppConfigurationService.class);
APIMAppConfigurations apimAppConfigurations = new APIMAppConfigurations();
Mockito.when(apimAppConfigurationService.getApimAppConfigurations()).thenReturn(apimAppConfigurations);
OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
oAuthApplicationInfo.setClientId("xxx-client-id-xxx");
oAuthApplicationInfo.setCallBackURL("https://localhost:9292/login/callback/publisher");
// // Expected data object to be passed to the front-end
JsonObject oAuthData = new JsonObject();
String scopes = "apim:api_view apim:api_create apim:api_update apim:api_delete apim:apidef_update " + "apim:api_publish apim:subscription_view apim:subscription_block openid " + "apim:external_services_discover apim:dedicated_gateway";
oAuthData.addProperty(KeyManagerConstants.OAUTH_CLIENT_ID, oAuthApplicationInfo.getClientId());
oAuthData.addProperty(KeyManagerConstants.OAUTH_CALLBACK_URIS, oAuthApplicationInfo.getCallBackURL());
oAuthData.addProperty(KeyManagerConstants.TOKEN_SCOPES, scopes);
oAuthData.addProperty(KeyManagerConstants.AUTHORIZATION_ENDPOINT, "https://localhost:9443/oauth2/authorize");
oAuthData.addProperty(AuthenticatorConstants.SSO_ENABLED, ServiceReferenceHolder.getInstance().getAPIMAppConfiguration().isSsoEnabled());
KeyManager keyManager = Mockito.mock(KeyManager.class);
MultiEnvironmentOverview multiEnvironmentOverview = new MultiEnvironmentOverview();
environmentConfigurations.setMultiEnvironmentOverview(multiEnvironmentOverview);
multiEnvironmentOverview.setEnabled(true);
AuthenticatorService authenticatorService = new AuthenticatorService(keyManager, systemApplicationDao, apimConfigurationService, apimAppConfigurationService);
// // Get data object to be passed to the front-end
Mockito.when(keyManager.createApplication(Mockito.any())).thenReturn(oAuthApplicationInfo);
JsonObject responseOAuthDataObj = authenticatorService.getAuthenticationConfigurations("publisher");
String[] scopesActual = responseOAuthDataObj.get(KeyManagerConstants.TOKEN_SCOPES).toString().split(" ");
String[] scopesExpected = oAuthData.get(KeyManagerConstants.TOKEN_SCOPES).toString().split(" ");
Assert.assertEquals(scopesActual.length, scopesExpected.length);
// Error Path - 500 - When OAuthApplicationInfo is null
JsonObject emptyOAuthDataObj = new JsonObject();
Mockito.when(keyManager.createApplication(Mockito.any())).thenReturn(null);
JsonObject responseEmptyOAuthDataObj = authenticatorService.getAuthenticationConfigurations("publisher");
Assert.assertEquals(responseEmptyOAuthDataObj, emptyOAuthDataObj);
// Error Path - When DCR application creation fails and throws an APIManagementException
Mockito.when(keyManager.createApplication(Mockito.any())).thenThrow(KeyManagementException.class);
try {
authenticatorService.getAuthenticationConfigurations("publisher");
} catch (APIManagementException e) {
Assert.assertEquals(e.getMessage(), "Error while creating the keys for OAuth application : publisher");
}
}
use of org.wso2.carbon.apimgt.rest.integration.tests.store.auth.OAuth in project carbon-apimgt by wso2.
the class AuthenticatorServiceTestCase method testGetTokens.
@Test
public void testGetTokens() throws Exception {
// Happy Path - 200 - Authorization code grant type
APIMConfigurationService apimConfigurationService = Mockito.mock(APIMConfigurationService.class);
EnvironmentConfigurations environmentConfigurations = new EnvironmentConfigurations();
Mockito.when(apimConfigurationService.getEnvironmentConfigurations()).thenReturn(environmentConfigurations);
APIMAppConfigurationService apimAppConfigurationService = Mockito.mock(APIMAppConfigurationService.class);
APIMAppConfigurations apimAppConfigurations = new APIMAppConfigurations();
Mockito.when(apimAppConfigurationService.getApimAppConfigurations()).thenReturn(apimAppConfigurations);
// // Mocked response from DCR endpoint
OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
oAuthApplicationInfo.setClientId("xxx-client-id-xxx");
oAuthApplicationInfo.setClientSecret("xxx-client-secret-xxx");
// // Expected response object from KeyManager
AccessTokenInfo tokenInfo = new AccessTokenInfo();
tokenInfo.setAccessToken("xxx-access-token-xxx");
tokenInfo.setScopes("apim:subscribe openid");
tokenInfo.setRefreshToken("xxx-refresh-token-xxx");
tokenInfo.setIdToken("xxx-id-token-xxx");
tokenInfo.setValidityPeriod(-2L);
KeyManager keyManager = Mockito.mock(KeyManager.class);
SystemApplicationDao systemApplicationDao = Mockito.mock(SystemApplicationDao.class);
Mockito.when(systemApplicationDao.isConsumerKeyExistForApplication("store")).thenReturn(false);
MultiEnvironmentOverview multiEnvironmentOverview = new MultiEnvironmentOverview();
environmentConfigurations.setMultiEnvironmentOverview(multiEnvironmentOverview);
AuthenticatorService authenticatorService = new AuthenticatorService(keyManager, systemApplicationDao, apimConfigurationService, apimAppConfigurationService);
Mockito.when(keyManager.createApplication(Mockito.any())).thenReturn(oAuthApplicationInfo);
// // Actual response - When authorization code is not null
Mockito.when(keyManager.getNewAccessToken(Mockito.any())).thenReturn(tokenInfo);
AccessTokenInfo tokenInfoResponseForValidAuthCode = authenticatorService.getTokens("store", "authorization_code", null, null, null, 0, "xxx-auth-code-xxx", null, null);
Assert.assertEquals(tokenInfoResponseForValidAuthCode, tokenInfo);
// Error Path - 500 - Authorization code grant type
// // When an error occurred - Eg: Access denied
AccessTokenInfo emptyTokenInfo = new AccessTokenInfo();
Mockito.when(keyManager.getNewAccessToken(Mockito.any())).thenReturn(emptyTokenInfo);
AccessTokenInfo tokenInfoResponseForInvalidAuthCode = new AccessTokenInfo();
try {
tokenInfoResponseForInvalidAuthCode = authenticatorService.getTokens("store", "authorization_code", null, null, null, 0, null, null, null);
} catch (APIManagementException e) {
Assert.assertEquals(e.getMessage(), "No Authorization Code available.");
Assert.assertEquals(tokenInfoResponseForInvalidAuthCode, emptyTokenInfo);
}
// Happy Path - 200 - Password grant type
Mockito.when(keyManager.getNewAccessToken(Mockito.any())).thenReturn(tokenInfo);
AccessTokenInfo tokenInfoResponseForPasswordGrant = authenticatorService.getTokens("store", "password", "admin", "admin", null, 0, null, null, null);
Assert.assertEquals(tokenInfoResponseForPasswordGrant, tokenInfo);
// Error Path - When token generation fails and throws APIManagementException
Mockito.when(keyManager.getNewAccessToken(Mockito.any())).thenThrow(KeyManagementException.class).thenReturn(tokenInfo);
try {
authenticatorService.getTokens("store", "password", "admin", "admin", null, 0, null, null, null);
} catch (APIManagementException e) {
Assert.assertEquals(e.getMessage(), "Error while receiving tokens for OAuth application : store");
}
// Happy Path - 200 - Refresh grant type
Mockito.when(keyManager.getNewAccessToken(Mockito.any())).thenReturn(tokenInfo);
AccessTokenInfo tokenInfoResponseForRefreshGrant = authenticatorService.getTokens("store", "refresh_token", null, null, null, 0, null, null, null);
Assert.assertEquals(tokenInfoResponseForPasswordGrant, tokenInfo);
// Happy Path - 200 - JWT grant type
// Multi-Environment Overview configuration
multiEnvironmentOverview.setEnabled(true);
IdentityProvider identityProvider = Mockito.mock(IdentityProvider.class);
String userFromIdentityProvider = "admin-user";
Mockito.when(identityProvider.getIdOfUser(Mockito.anyString())).thenThrow(IdentityProviderException.class);
Mockito.doReturn("xxx-admin-user-id-xxx").when(identityProvider).getIdOfUser(userFromIdentityProvider);
// A valid jwt with user "admin-user"
String idTokenWith_adminUser = "xxx+header+xxx.eyJzdWIiOiJhZG1pbi11c2VyIn0.xxx+signature+xxx";
tokenInfo.setIdToken(idTokenWith_adminUser);
Mockito.when(keyManager.getNewAccessToken(Mockito.any())).thenReturn(tokenInfo);
AccessTokenInfo tokenInfoResponseForValidJWTGrant = authenticatorService.getTokens("store", "urn:ietf:params:oauth:grant-type:jwt-bearer", null, null, null, 0, null, "xxx-assertion-xxx", identityProvider);
Assert.assertEquals(tokenInfoResponseForValidJWTGrant, tokenInfo);
// Error Path - When invalid user in JWT Token
// A valid jwt with user "John"
String idTokenWith_johnUser = "xxx+header+xxx.eyJzdWIiOiJKb2huIn0.xxx+signature+xxx";
tokenInfo.setIdToken(idTokenWith_johnUser);
Mockito.when(keyManager.getNewAccessToken(Mockito.any())).thenReturn(tokenInfo);
try {
AccessTokenInfo tokenInfoResponseForInvalidJWTGrant = authenticatorService.getTokens("store", "urn:ietf:params:oauth:grant-type:jwt-bearer", null, null, null, 0, null, "xxx-assertion-xxx", identityProvider);
Assert.assertEquals(tokenInfoResponseForInvalidJWTGrant, tokenInfo);
} catch (APIManagementException e) {
Assert.assertEquals(e.getMessage(), "User John does not exists in this environment.");
}
}
use of org.wso2.carbon.apimgt.rest.integration.tests.store.auth.OAuth in project carbon-apimgt by wso2.
the class AuthenticatorService method getAuthenticationConfigurations.
/**
* This method returns the details of a DCR application.
*
* @param appName Name of the application to be created
* @return oAuthData - A JsonObject with DCR application details, scopes, auth endpoint, and SSO is enabled or not
* @throws APIManagementException When creating DCR application fails
*/
public JsonObject getAuthenticationConfigurations(String appName) throws APIManagementException {
JsonObject oAuthData = new JsonObject();
MultiEnvironmentOverview multiEnvironmentOverviewConfigs = apimConfigurationService.getEnvironmentConfigurations().getMultiEnvironmentOverview();
boolean isMultiEnvironmentOverviewEnabled = multiEnvironmentOverviewConfigs.isEnabled();
List<String> grantTypes = new ArrayList<>();
grantTypes.add(KeyManagerConstants.PASSWORD_GRANT_TYPE);
grantTypes.add(KeyManagerConstants.AUTHORIZATION_CODE_GRANT_TYPE);
grantTypes.add(KeyManagerConstants.REFRESH_GRANT_TYPE);
if (isMultiEnvironmentOverviewEnabled) {
grantTypes.add(KeyManagerConstants.JWT_GRANT_TYPE);
}
APIMAppConfigurations appConfigs = apimAppConfigurationService.getApimAppConfigurations();
String callBackURL = appConfigs.getApimBaseUrl() + AuthenticatorConstants.AUTHORIZATION_CODE_CALLBACK_URL + appName;
// Get scopes of the application
String scopes = getApplicationScopes(appName);
log.debug("Set scopes for {} application using swagger definition.", appName);
OAuthApplicationInfo oAuthApplicationInfo;
try {
oAuthApplicationInfo = createDCRApplication(appName, callBackURL, grantTypes);
if (oAuthApplicationInfo != null) {
log.debug("Created DCR Application successfully for {}.", appName);
String oAuthApplicationClientId = oAuthApplicationInfo.getClientId();
String oAuthApplicationCallBackURL = oAuthApplicationInfo.getCallBackURL();
oAuthData.addProperty(KeyManagerConstants.OAUTH_CLIENT_ID, oAuthApplicationClientId);
oAuthData.addProperty(KeyManagerConstants.OAUTH_CALLBACK_URIS, oAuthApplicationCallBackURL);
oAuthData.addProperty(KeyManagerConstants.TOKEN_SCOPES, scopes);
oAuthData.addProperty(KeyManagerConstants.AUTHORIZATION_ENDPOINT, appConfigs.getAuthorizationEndpoint());
oAuthData.addProperty(AuthenticatorConstants.SSO_ENABLED, appConfigs.isSsoEnabled());
oAuthData.addProperty(AuthenticatorConstants.MULTI_ENVIRONMENT_OVERVIEW_ENABLED, isMultiEnvironmentOverviewEnabled);
} else {
String errorMsg = "No information available in OAuth application.";
log.error(errorMsg, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
} catch (APIManagementException e) {
String errorMsg = "Error while creating the keys for OAuth application : " + appName;
log.error(errorMsg, e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
throw new APIManagementException(errorMsg, e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
return oAuthData;
}
Aggregations