use of org.wso2.carbon.governance.custom.lifecycles.checklist.util.Property in project carbon-apimgt by wso2.
the class SecurityConfigContextTest method testSecurityConfigContextPerEndpointProductionType.
@Test
public void testSecurityConfigContextPerEndpointProductionType() throws Exception {
String json = "{\"endpoint_security\":{\n" + " \"production\":{\n" + " \"enabled\":true,\n" + " \"type\":\"BASIC\",\n" + " \"username\":\"admin\",\n" + " \"password\":\"admin123#QA\"\n" + " }\n" + " }\n" + "}";
API api = new API(new APIIdentifier("admin", "TestAPI", "1.0.0"));
api.setStatus(APIConstants.CREATED);
api.setContextTemplate("/");
api.setTransports(Constants.TRANSPORT_HTTP);
api.setEndpointConfig(json);
ConfigContext configcontext = new APIConfigContext(api);
Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
SecurityConfigContext securityConfigContext = new SecurityConfigContextWrapper(configcontext, api, apiManagerConfiguration);
securityConfigContext.validate();
VelocityContext velocityContext = securityConfigContext.getContext();
Assert.assertNotNull(velocityContext.get("endpoint_security"));
Map<String, EndpointSecurityModel> endpointSecurityModelMap = (Map<String, EndpointSecurityModel>) velocityContext.get("endpoint_security");
EndpointSecurityModel production = endpointSecurityModelMap.get("production");
Assert.assertTrue("Property enabled cannot be false.", production.isEnabled());
Assert.assertTrue("Property type cannot be other.", production.getType().equalsIgnoreCase("basic"));
Assert.assertTrue("Property username does not match.", "admin".equals(production.getUsername()));
Assert.assertTrue("Property base64value does not match. ", new String(Base64.encodeBase64("admin:admin123#QA".getBytes())).equalsIgnoreCase(production.getBase64EncodedPassword()));
Assert.assertTrue("Property securevault_alias does not match.", "TestAPI--v1.0.0--production".equalsIgnoreCase(production.getAlias()));
Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ", velocityContext.get("isSecureVaultEnabled").equals(true));
EndpointSecurityModel sandbox = endpointSecurityModelMap.get("sandbox");
Assert.assertFalse("Property enabled cannot be true.", sandbox.isEnabled());
}
use of org.wso2.carbon.governance.custom.lifecycles.checklist.util.Property in project carbon-apimgt by wso2.
the class SecurityConfigContextTest method testSecurityConfigContextForAPIProductWithOAuth.
@Test
public void testSecurityConfigContextForAPIProductWithOAuth() throws Exception {
APIProduct apiProduct = new APIProduct(new APIProductIdentifier("admin", "TestProduct", "1.0.0"));
apiProduct.setUuid(UUID.randomUUID().toString());
String apiid = UUID.randomUUID().toString();
List<APIProductResource> apiProductResourceList = new ArrayList<>();
APIProductResource apiProductResource = new APIProductResource();
apiProductResource.setApiIdentifier(new APIIdentifier("admin_api1_v1"));
apiProductResource.setApiId(apiid);
Map<String, EndpointSecurity> endpointSecurityMap = new HashMap<>();
EndpointSecurity endpointSecurity = new EndpointSecurity();
endpointSecurity.setType("oauth");
endpointSecurity.setClientId("123-456");
endpointSecurity.setClientSecret("admin123");
endpointSecurity.setGrantType("client_credentials");
endpointSecurity.setEnabled(true);
endpointSecurityMap.put("production", endpointSecurity);
apiProductResource.setApiId(apiid);
apiProductResource.setEndpointSecurityMap(endpointSecurityMap);
apiProductResourceList.add(apiProductResource);
apiProduct.setProductResources(apiProductResourceList);
ConfigContext configcontext = new APIConfigContext(apiProduct);
Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
Map<String, APIDTO> apidtoMap = new HashMap<>();
apidtoMap.put(apiid, new APIDTO().name("api1").version("v1").provider("admin").id(UUID.randomUUID().toString()));
SecurityConfigContext securityConfigContext = new SecurityConfigContextWrapper(configcontext, apiProduct, apiManagerConfiguration, apidtoMap);
securityConfigContext.validate();
VelocityContext velocityContext = securityConfigContext.getContext();
Assert.assertNotNull(velocityContext.get("endpoint_security"));
Map<String, Map<String, EndpointSecurityModel>> endpointSecurityModelMap = (Map<String, Map<String, EndpointSecurityModel>>) velocityContext.get("endpoint_security");
Map<String, EndpointSecurityModel> endpointSecurityModelMap1 = endpointSecurityModelMap.get(apiProductResource.getApiId());
EndpointSecurityModel production = endpointSecurityModelMap1.get("production");
Assert.assertTrue("Property enabled cannot be false.", production.isEnabled());
Assert.assertTrue("Property type cannot be other.", production.getType().equalsIgnoreCase("oauth"));
Assert.assertTrue("Property username does not match.", "123-456".equals(production.getClientId()));
Assert.assertEquals(production.getClientSecretAlias(), "TestProduct--v1.0.0--api1--vv1--oauth--clientSecret" + "--production");
Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ", velocityContext.get("isSecureVaultEnabled").equals(true));
}
use of org.wso2.carbon.governance.custom.lifecycles.checklist.util.Property in project carbon-apimgt by wso2.
the class TemplateBuilderUtilTest method testAdditionalPropertyWithStoreVisibilityReplacement.
@Test
public void testAdditionalPropertyWithStoreVisibilityReplacement() {
API api = new API(new APIIdentifier("admin", "API", "1.0"));
api.addProperty("test__display", "true");
api.addProperty("property", "true");
JSONObject modifiedProperties = TemplateBuilderUtil.getModifiedProperties(api.getAdditionalProperties());
Assert.assertEquals("Additional Properties count mismatched", 3, modifiedProperties.size());
Assert.assertNotNull("Converted additional Property is not available", modifiedProperties.get("test"));
Assert.assertEquals("Converted property does not have the original value", api.getProperty("test__display"), modifiedProperties.get("test"));
}
use of org.wso2.carbon.governance.custom.lifecycles.checklist.util.Property in project carbon-apimgt by wso2.
the class ApisApiServiceImpl method importAsyncAPISpecification.
/**
* Importing and AsyncAPI Specification and create and API
*
* @param fileInputStream InputStream for the provided file
* @param fileDetail File meta-data
* @param url URL of the AsyncAPI Specification
* @param additionalProperties API object (json) including additional properties like name, version, context
* @param messageContext CXF message context
* @return API import using AsyncAPI specification response
*/
@Override
public Response importAsyncAPISpecification(InputStream fileInputStream, Attachment fileDetail, String url, String additionalProperties, MessageContext messageContext) throws APIManagementException {
// validate 'additionalProperties' json
if (StringUtils.isBlank(additionalProperties)) {
RestApiUtil.handleBadRequest("'additionalProperties' is required and should not be null", log);
}
// Convert the 'additionalProperties' json into an APIDTO object
ObjectMapper objectMapper = new ObjectMapper();
APIDTO apiDTOFromProperties;
try {
apiDTOFromProperties = objectMapper.readValue(additionalProperties, APIDTO.class);
if (apiDTOFromProperties.getType() == null) {
RestApiUtil.handleBadRequest("Required property protocol is not specified for the Async API", log);
}
} catch (IOException e) {
throw RestApiUtil.buildBadRequestException("Error while parsing 'additionalProperties'", e);
}
// validate whether ASYNC APIs created without advertise only enabled
if (APIDTO.TypeEnum.ASYNC.equals(apiDTOFromProperties.getType()) && (apiDTOFromProperties.getAdvertiseInfo() == null || !apiDTOFromProperties.getAdvertiseInfo().isAdvertised())) {
RestApiUtil.handleBadRequest("ASYNC type APIs only can be created as third party APIs", log);
}
// validate websocket url and change transport types
if (PublisherCommonUtils.isValidWSAPI(apiDTOFromProperties)) {
ArrayList<String> websocketTransports = new ArrayList<>();
websocketTransports.add(APIConstants.WS_PROTOCOL);
websocketTransports.add(APIConstants.WSS_PROTOCOL);
apiDTOFromProperties.setTransport(websocketTransports);
}
// Import the API and Definition
try {
String organization = RestApiUtil.getValidatedOrganization(messageContext);
APIDTO createdAPIDTO = importAsyncAPISpecification(fileInputStream, url, apiDTOFromProperties, fileDetail, null, organization);
URI createdApiUri = new URI(RestApiConstants.RESOURCE_PATH_APIS + "/" + createdAPIDTO.getId());
return Response.created(createdApiUri).entity(createdAPIDTO).build();
} catch (URISyntaxException e) {
String errorMessage = "Error while retrieving API location : " + apiDTOFromProperties.getProvider() + "-" + apiDTOFromProperties.getName() + "-" + apiDTOFromProperties.getVersion();
RestApiUtil.handleInternalServerError(errorMessage, e, log);
}
return null;
}
use of org.wso2.carbon.governance.custom.lifecycles.checklist.util.Property in project carbon-apimgt by wso2.
the class ImportUtils method importApi.
/**
* This method imports an API.
*
* @param extractedFolderPath Location of the extracted folder of the API
* @param importedApiDTO API DTO of the importing API
* (This will not be null when importing dependent APIs with API Products)
* @param preserveProvider Decision to keep or replace the provider
* @param overwrite Whether to update the API or not
* @param tokenScopes Scopes of the token
* @param dependentAPIParamsConfigObject Params configuration of an API (this will not be null if a dependent API
* of an
* API product wants to override the parameters)
* @param organization Identifier of an Organization
* @throws APIImportExportException If there is an error in importing an API
* @@return Imported API
*/
public static API importApi(String extractedFolderPath, APIDTO importedApiDTO, Boolean preserveProvider, Boolean rotateRevision, Boolean overwrite, Boolean dependentAPIFromProduct, String[] tokenScopes, JsonObject dependentAPIParamsConfigObject, String organization) throws APIManagementException {
String userName = RestApiCommonUtil.getLoggedInUsername();
APIDefinitionValidationResponse validationResponse = null;
String graphQLSchema = null;
API importedApi = null;
String currentStatus;
String targetStatus;
String lifecycleAction;
GraphqlComplexityInfo graphqlComplexityInfo = null;
int tenantId = 0;
JsonArray deploymentInfoArray = null;
JsonObject paramsConfigObject;
try {
if (importedApiDTO == null) {
JsonElement jsonObject = retrieveValidatedDTOObject(extractedFolderPath, preserveProvider, userName, ImportExportConstants.TYPE_API);
importedApiDTO = new Gson().fromJson(jsonObject, APIDTO.class);
}
// If the provided dependent APIs params config is null, it means this happening when importing an API (not
// because when importing a dependent API of an API Product). Hence, try to retrieve the definition from
// the API folder path
paramsConfigObject = (dependentAPIParamsConfigObject != null) ? dependentAPIParamsConfigObject : APIControllerUtil.resolveAPIControllerEnvParams(extractedFolderPath);
// If above the params configurations are not null, then resolve those
if (paramsConfigObject != null) {
importedApiDTO = APIControllerUtil.injectEnvParamsToAPI(importedApiDTO, paramsConfigObject, extractedFolderPath);
if (!isAdvertiseOnlyAPI(importedApiDTO)) {
JsonElement deploymentsParam = paramsConfigObject.get(ImportExportConstants.DEPLOYMENT_ENVIRONMENTS);
if (deploymentsParam != null && !deploymentsParam.isJsonNull()) {
deploymentInfoArray = deploymentsParam.getAsJsonArray();
}
}
}
String apiType = importedApiDTO.getType().toString();
APIProvider apiProvider = RestApiCommonUtil.getProvider(importedApiDTO.getProvider());
// Validate swagger content except for streaming APIs
if (!PublisherCommonUtils.isStreamingAPI(importedApiDTO) && !APIConstants.APITransportType.GRAPHQL.toString().equalsIgnoreCase(apiType)) {
validationResponse = retrieveValidatedSwaggerDefinitionFromArchive(extractedFolderPath);
}
// Validate the GraphQL schema
if (APIConstants.APITransportType.GRAPHQL.toString().equalsIgnoreCase(apiType)) {
graphQLSchema = retrieveValidatedGraphqlSchemaFromArchive(extractedFolderPath);
}
// Validate the WSDL of SOAP APIs
if (APIConstants.API_TYPE_SOAP.equalsIgnoreCase(apiType)) {
validateWSDLFromArchive(extractedFolderPath, importedApiDTO);
}
// Validate the AsyncAPI definition of streaming APIs
if (PublisherCommonUtils.isStreamingAPI(importedApiDTO)) {
validationResponse = retrieveValidatedAsyncApiDefinitionFromArchive(extractedFolderPath);
}
String currentTenantDomain = MultitenantUtils.getTenantDomain(APIUtil.replaceEmailDomainBack(userName));
// The status of the importing API should be stored separately to do the lifecycle change at the end
targetStatus = importedApiDTO.getLifeCycleStatus();
API targetApi = retrieveApiToOverwrite(importedApiDTO.getName(), importedApiDTO.getVersion(), currentTenantDomain, apiProvider, Boolean.TRUE, organization);
if (isAdvertiseOnlyAPI(importedApiDTO)) {
processAdvertiseOnlyPropertiesInDTO(importedApiDTO, tokenScopes);
}
Map<String, List<OperationPolicy>> extractedPoliciesMap = extractAndDropOperationPoliciesFromURITemplate(importedApiDTO.getOperations());
// If the overwrite is set to true (which means an update), retrieve the existing API
if (Boolean.TRUE.equals(overwrite) && targetApi != null) {
log.info("Existing API found, attempting to update it...");
currentStatus = targetApi.getStatus();
// Set the status of imported API to current status of target API when updating
importedApiDTO.setLifeCycleStatus(currentStatus);
// when updating an API from the UI there is at least one resource (operation) inside the DTO.
if (importedApiDTO.getOperations().isEmpty()) {
setOperationsToDTO(importedApiDTO, validationResponse);
}
targetApi.setOrganization(organization);
importedApi = PublisherCommonUtils.updateApi(targetApi, importedApiDTO, RestApiCommonUtil.getLoggedInUserProvider(), tokenScopes);
} else {
if (targetApi == null && Boolean.TRUE.equals(overwrite)) {
log.info("Cannot find : " + importedApiDTO.getName() + "-" + importedApiDTO.getVersion() + ". Creating it.");
}
// Initialize to CREATED when import
currentStatus = APIStatus.CREATED.toString();
importedApiDTO.setLifeCycleStatus(currentStatus);
importedApi = PublisherCommonUtils.addAPIWithGeneratedSwaggerDefinition(importedApiDTO, ImportExportConstants.OAS_VERSION_3, importedApiDTO.getProvider(), organization);
// Set API definition to validationResponse if the API is imported with sample API definition
if (validationResponse.isInit()) {
validationResponse.setContent(importedApi.getSwaggerDefinition());
validationResponse.setJsonContent(importedApi.getSwaggerDefinition());
}
}
if (!extractedPoliciesMap.isEmpty()) {
importedApi.setUriTemplates(validateOperationPolicies(importedApi, apiProvider, extractedFolderPath, extractedPoliciesMap, currentTenantDomain));
apiProvider.updateAPI(importedApi);
}
// Retrieving the life cycle action to do the lifecycle state change explicitly later
lifecycleAction = getLifeCycleAction(currentTenantDomain, currentStatus, targetStatus, apiProvider);
// Add/update swagger content except for streaming APIs and GraphQL APIs
if (!PublisherCommonUtils.isStreamingAPI(importedApiDTO) && !APIConstants.APITransportType.GRAPHQL.toString().equalsIgnoreCase(apiType)) {
// Add the validated swagger separately since the UI does the same procedure
PublisherCommonUtils.updateSwagger(importedApi.getUuid(), validationResponse, false, organization);
}
// Add the GraphQL schema
if (APIConstants.APITransportType.GRAPHQL.toString().equalsIgnoreCase(apiType)) {
importedApi.setOrganization(organization);
PublisherCommonUtils.addGraphQLSchema(importedApi, graphQLSchema, apiProvider);
graphqlComplexityInfo = retrieveGraphqlComplexityInfoFromArchive(extractedFolderPath, graphQLSchema);
if (graphqlComplexityInfo != null && graphqlComplexityInfo.getList().size() != 0) {
apiProvider.addOrUpdateComplexityDetails(importedApi.getUuid(), graphqlComplexityInfo);
}
}
// Add/update Async API definition for streaming APIs
if (PublisherCommonUtils.isStreamingAPI(importedApiDTO)) {
// Add the validated Async API definition separately since the UI does the same procedure
PublisherCommonUtils.updateAsyncAPIDefinition(importedApi.getUuid(), validationResponse, organization);
}
tenantId = APIUtil.getTenantId(RestApiCommonUtil.getLoggedInUsername());
// Since Image, documents, sequences and WSDL are optional, exceptions are logged and ignored in
// implementation
ApiTypeWrapper apiTypeWrapperWithUpdatedApi = new ApiTypeWrapper(importedApi);
addThumbnailImage(extractedFolderPath, apiTypeWrapperWithUpdatedApi, apiProvider);
addDocumentation(extractedFolderPath, apiTypeWrapperWithUpdatedApi, apiProvider, organization);
addAPIWsdl(extractedFolderPath, importedApi, apiProvider);
if (StringUtils.equals(importedApi.getType().toLowerCase(), APIConstants.API_TYPE_SOAPTOREST.toLowerCase())) {
addSOAPToREST(importedApi, validationResponse.getContent(), apiProvider);
}
if (!isAdvertiseOnlyAPI(importedApiDTO)) {
addAPISequences(extractedFolderPath, importedApi, apiProvider);
addAPISpecificSequences(extractedFolderPath, importedApi, apiProvider);
addEndpointCertificates(extractedFolderPath, importedApi, apiProvider, tenantId);
if (log.isDebugEnabled()) {
log.debug("Mutual SSL enabled. Importing client certificates.");
}
addClientCertificates(extractedFolderPath, apiProvider, preserveProvider, importedApi.getId().getProviderName(), organization);
}
// Change API lifecycle if state transition is required
if (StringUtils.isNotEmpty(lifecycleAction)) {
apiProvider = RestApiCommonUtil.getLoggedInUserProvider();
log.info("Changing lifecycle from " + currentStatus + " to " + targetStatus);
if (StringUtils.equals(lifecycleAction, APIConstants.LC_PUBLISH_LC_STATE)) {
apiProvider.changeAPILCCheckListItems(importedApi.getId(), ImportExportConstants.REFER_REQUIRE_RE_SUBSCRIPTION_CHECK_ITEM, true);
}
apiProvider.changeLifeCycleStatus(currentTenantDomain, new ApiTypeWrapper(importedApi), lifecycleAction, new HashMap<>());
}
importedApi.setStatus(targetStatus);
String tenantDomain = RestApiCommonUtil.getLoggedInUserTenantDomain();
if (deploymentInfoArray == null && !isAdvertiseOnlyAPI(importedApiDTO)) {
// If the params have not overwritten the deployment environments, yaml file will be read
deploymentInfoArray = retrieveDeploymentLabelsFromArchive(extractedFolderPath, dependentAPIFromProduct);
}
List<APIRevisionDeployment> apiRevisionDeployments = getValidatedDeploymentsList(deploymentInfoArray, tenantDomain, apiProvider, organization);
if (apiRevisionDeployments.size() > 0) {
String importedAPIUuid = importedApi.getUuid();
String revisionId;
APIRevision apiRevision = new APIRevision();
apiRevision.setApiUUID(importedAPIUuid);
apiRevision.setDescription("Revision created after importing the API");
try {
revisionId = apiProvider.addAPIRevision(apiRevision, tenantDomain);
if (log.isDebugEnabled()) {
log.debug("A new revision has been created for API " + importedApi.getId().getApiName() + "_" + importedApi.getId().getVersion());
}
} catch (APIManagementException e) {
// enabled, earliest revision will be deleted before creating a revision again
if (e.getErrorHandler().getErrorCode() == ExceptionCodes.from(ExceptionCodes.MAXIMUM_REVISIONS_REACHED).getErrorCode() && rotateRevision) {
String earliestRevisionUuid = apiProvider.getEarliestRevisionUUID(importedAPIUuid);
List<APIRevisionDeployment> deploymentsList = apiProvider.getAPIRevisionDeploymentList(earliestRevisionUuid);
// if the earliest revision is already deployed in gateway environments, it will be undeployed
// before deleting
apiProvider.undeployAPIRevisionDeployment(importedAPIUuid, earliestRevisionUuid, deploymentsList, organization);
apiProvider.deleteAPIRevision(importedAPIUuid, earliestRevisionUuid, tenantDomain);
revisionId = apiProvider.addAPIRevision(apiRevision, tenantDomain);
if (log.isDebugEnabled()) {
log.debug("Revision ID: " + earliestRevisionUuid + " has been undeployed from " + deploymentsList.size() + " gateway environments and created a new revision ID: " + revisionId + " for API " + importedApi.getId().getApiName() + "_" + importedApi.getId().getVersion());
}
} else {
throw new APIManagementException("Error occurred while creating a new revision for the API: " + importedApi.getId().getApiName(), e);
}
}
// Once the new revision successfully created, artifacts will be deployed in mentioned gateway
// environments
apiProvider.deployAPIRevision(importedAPIUuid, revisionId, apiRevisionDeployments, organization);
if (log.isDebugEnabled()) {
log.debug("API: " + importedApi.getId().getApiName() + "_" + importedApi.getId().getVersion() + " was deployed in " + apiRevisionDeployments.size() + " gateway environments.");
}
} else {
log.info("Valid deployment environments were not found for the imported artifact. Only working copy " + "was updated and not deployed in any of the gateway environments.");
}
return importedApi;
} catch (CryptoException | IOException e) {
throw new APIManagementException("Error while reading API meta information from path: " + extractedFolderPath, e, ExceptionCodes.ERROR_READING_META_DATA);
} catch (FaultGatewaysException e) {
throw new APIManagementException("Error while updating API: " + importedApi.getId().getApiName(), e);
} catch (APIMgtAuthorizationFailedException e) {
throw new APIManagementException("Please enable preserveProvider property for cross tenant API Import.", e, ExceptionCodes.TENANT_MISMATCH);
} catch (ParseException e) {
throw new APIManagementException("Error while parsing the endpoint configuration of the API", ExceptionCodes.JSON_PARSE_ERROR);
} catch (APIManagementException e) {
String errorMessage = "Error while importing API: ";
if (importedApi != null) {
errorMessage += importedApi.getId().getApiName() + StringUtils.SPACE + APIConstants.API_DATA_VERSION + ": " + importedApi.getId().getVersion();
}
throw new APIManagementException(errorMessage + StringUtils.SPACE + e.getMessage(), e);
}
}
Aggregations