use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class OAS3Parser method processLegacyScopes.
/**
* This method will extract scopes from legacy x-wso2-security and add them to default scheme
* @param openAPI openAPI definition
* @return
* @throws APIManagementException
*/
private OpenAPI processLegacyScopes(OpenAPI openAPI) throws APIManagementException {
Set<Scope> scopes = getScopesFromExtensions(openAPI);
if (!scopes.isEmpty()) {
if (openAPI.getComponents() == null) {
openAPI.setComponents(new Components());
}
Map<String, SecurityScheme> securitySchemes = openAPI.getComponents().getSecuritySchemes();
if (securitySchemes == null) {
securitySchemes = new HashMap<>();
openAPI.getComponents().setSecuritySchemes(securitySchemes);
}
SecurityScheme securityScheme = securitySchemes.get(OPENAPI_SECURITY_SCHEMA_KEY);
if (securityScheme == null) {
securityScheme = new SecurityScheme();
securityScheme.setType(SecurityScheme.Type.OAUTH2);
securitySchemes.put(OPENAPI_SECURITY_SCHEMA_KEY, securityScheme);
List<SecurityRequirement> security = new ArrayList<SecurityRequirement>();
SecurityRequirement secReq = new SecurityRequirement();
secReq.addList(OPENAPI_SECURITY_SCHEMA_KEY, new ArrayList<String>());
security.add(secReq);
openAPI.setSecurity(security);
}
if (securityScheme.getFlows() == null) {
securityScheme.setFlows(new OAuthFlows());
}
OAuthFlow oAuthFlow = securityScheme.getFlows().getImplicit();
if (oAuthFlow == null) {
oAuthFlow = new OAuthFlow();
securityScheme.getFlows().setImplicit(oAuthFlow);
}
oAuthFlow.setAuthorizationUrl(OPENAPI_DEFAULT_AUTHORIZATION_URL);
Scopes oas3Scopes = oAuthFlow.getScopes() != null ? oAuthFlow.getScopes() : new Scopes();
if (scopes != null && !scopes.isEmpty()) {
Map<String, String> scopeBindings = new HashMap<>();
if (oAuthFlow.getExtensions() != null) {
scopeBindings = (Map<String, String>) oAuthFlow.getExtensions().get(APIConstants.SWAGGER_X_SCOPES_BINDINGS) != null ? (Map<String, String>) oAuthFlow.getExtensions().get(APIConstants.SWAGGER_X_SCOPES_BINDINGS) : new HashMap<>();
}
for (Scope scope : scopes) {
oas3Scopes.put(scope.getKey(), scope.getDescription());
String roles = (StringUtils.isNotBlank(scope.getRoles()) && scope.getRoles().trim().split(",").length > 0) ? scope.getRoles() : StringUtils.EMPTY;
scopeBindings.put(scope.getKey(), roles);
}
oAuthFlow.addExtension(APIConstants.SWAGGER_X_SCOPES_BINDINGS, scopeBindings);
}
oAuthFlow.setScopes(oas3Scopes);
}
return openAPI;
}
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class OAS3Parser method updateSwaggerSecurityDefinition.
/**
* Include Scope details to the definition
*
* @param openAPI openapi definition
* @param swaggerData Swagger related API data
*/
private void updateSwaggerSecurityDefinition(OpenAPI openAPI, SwaggerData swaggerData, String authUrl) {
if (openAPI.getComponents() == null) {
openAPI.setComponents(new Components());
}
Map<String, SecurityScheme> securitySchemes = openAPI.getComponents().getSecuritySchemes();
if (securitySchemes == null) {
securitySchemes = new HashMap<>();
openAPI.getComponents().setSecuritySchemes(securitySchemes);
}
SecurityScheme securityScheme = securitySchemes.get(OPENAPI_SECURITY_SCHEMA_KEY);
if (securityScheme == null) {
securityScheme = new SecurityScheme();
securityScheme.setType(SecurityScheme.Type.OAUTH2);
securitySchemes.put(OPENAPI_SECURITY_SCHEMA_KEY, securityScheme);
List<SecurityRequirement> security = new ArrayList<SecurityRequirement>();
SecurityRequirement secReq = new SecurityRequirement();
secReq.addList(OPENAPI_SECURITY_SCHEMA_KEY, new ArrayList<String>());
security.add(secReq);
openAPI.setSecurity(security);
}
if (securityScheme.getFlows() == null) {
securityScheme.setFlows(new OAuthFlows());
}
OAuthFlow oAuthFlow = securityScheme.getFlows().getImplicit();
if (oAuthFlow == null) {
oAuthFlow = new OAuthFlow();
securityScheme.getFlows().setImplicit(oAuthFlow);
}
oAuthFlow.setAuthorizationUrl(authUrl);
Scopes oas3Scopes = new Scopes();
Set<Scope> scopes = swaggerData.getScopes();
if (scopes != null && !scopes.isEmpty()) {
Map<String, String> scopeBindings = new HashMap<>();
for (Scope scope : scopes) {
String description = scope.getDescription() != null ? scope.getDescription() : "";
oas3Scopes.put(scope.getKey(), description);
String roles = (StringUtils.isNotBlank(scope.getRoles()) && scope.getRoles().trim().split(",").length > 0) ? scope.getRoles() : StringUtils.EMPTY;
scopeBindings.put(scope.getKey(), roles);
}
oAuthFlow.addExtension(APIConstants.SWAGGER_X_SCOPES_BINDINGS, scopeBindings);
}
oAuthFlow.setScopes(oas3Scopes);
}
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class UserSignUpWorkflowExecutor method updateRolesOfUser.
/**
* Method updates Roles users with list of roles
*
* @param userName
* @param tenantDomain
* @param roleList
* @throws Exception
*/
protected static void updateRolesOfUser(String userName, List<String> roleList, String tenantDomain) throws Exception {
if (log.isDebugEnabled()) {
log.debug("Adding roles to " + userName + "in " + tenantDomain + " Domain");
}
RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(tenantDomain);
UserRealm realm = (UserRealm) realmService.getTenantUserRealm(tenantId);
UserStoreManager manager = realm.getUserStoreManager();
if (manager.isExistingUser(userName)) {
// check whether given roles exist
for (String role : roleList) {
if (!manager.isExistingRole(role)) {
log.error("Could not find role " + role + " in the user store");
throw new Exception("Could not find role " + role + " in the user store");
}
}
manager.updateRoleListOfUser(userName, null, roleList.toArray(new String[0]));
} else {
log.error("User does not exist. Unable to approve user " + userName);
}
}
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class ApiMgtDAO method getThrottleTierPermission.
public TierPermissionDTO getThrottleTierPermission(String tierName, int tenantId) throws APIManagementException {
Connection conn = null;
PreparedStatement ps = null;
ResultSet resultSet = null;
TierPermissionDTO tierPermission = null;
try {
String getTierPermissionQuery = SQLConstants.GET_THROTTLE_TIER_PERMISSION_SQL;
conn = APIMgtDBUtil.getConnection();
ps = conn.prepareStatement(getTierPermissionQuery);
ps.setString(1, tierName);
ps.setInt(2, tenantId);
resultSet = ps.executeQuery();
while (resultSet.next()) {
tierPermission = new TierPermissionDTO();
tierPermission.setTierName(tierName);
tierPermission.setPermissionType(resultSet.getString("PERMISSIONS_TYPE"));
String roles = resultSet.getString("ROLES");
if (roles != null) {
String[] roleList = roles.split(",");
tierPermission.setRoles(roleList);
}
}
} catch (SQLException e) {
handleException("Failed to get Tier permission information for Tier " + tierName, e);
} finally {
APIMgtDBUtil.closeAllConnections(ps, conn, resultSet);
}
return tierPermission;
}
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class APIProviderImplTest method testCreateNewAPIVersion.
@Test
public void testCreateNewAPIVersion() throws Exception {
// Create Original API
APIIdentifier apiId = new APIIdentifier("admin", "API1", "1.0.0");
API api = new API(apiId);
api.setContext("/test");
api.setVisibility("Public");
api.setStatus(APIConstants.CREATED);
api.setWsdlUrl("https://localhost:9443/services/echo?wsdl");
api.setOrganization("carbon.super");
long time = System.currentTimeMillis();
String newVersion = "1.0.1";
// Create new API object
APIIdentifier newApiId = new APIIdentifier("admin", "API1", "1.0.1");
final API newApi = new API(newApiId);
newApi.setStatus(APIConstants.CREATED);
newApi.setContext("/test");
newApi.setWsdlUrl("/registry/resource/_system/governance/apimgt/applicationdata/wsdls/admin--API11.0.0.wsdl");
// Create Documentation List
List<Documentation> documentationList = getDocumentationList();
final APIProviderImplWrapper apiProvider = new APIProviderImplWrapper(apiPersistenceInstance, apimgtDAO, scopesDAO, documentationList, null);
RegistryService registryService = Mockito.mock(RegistryService.class);
UserRegistry userRegistry = Mockito.mock(UserRegistry.class);
ServiceReferenceHolder serviceReferenceHolder = TestUtils.getServiceReferenceHolder();
RealmService realmService = Mockito.mock(RealmService.class);
TenantManager tenantManager = Mockito.mock(TenantManager.class);
Mockito.when(artifactManager.newGovernanceArtifact(any(QName.class))).thenReturn(artifact);
Mockito.when(APIUtil.createAPIArtifactContent(artifact, api)).thenReturn(artifact);
PowerMockito.when(ServiceReferenceHolder.getInstance()).thenReturn(serviceReferenceHolder);
Mockito.when(serviceReferenceHolder.getRegistryService()).thenReturn(registryService);
Mockito.when(registryService.getConfigSystemRegistry(Mockito.anyInt())).thenReturn(userRegistry);
Mockito.when(serviceReferenceHolder.getRealmService()).thenReturn(realmService);
Mockito.when(realmService.getTenantManager()).thenReturn(tenantManager);
GenericArtifact artifactNew = Mockito.mock(GenericArtifact.class);
Mockito.when(APIUtil.createAPIArtifactContent(artifact, newApi)).thenReturn(artifactNew);
PublisherAPI publisherAPI = Mockito.mock(PublisherAPI.class);
Mockito.when(publisherAPI.getVersionTimestamp()).thenReturn(String.valueOf(time));
PowerMockito.when(apiPersistenceInstance.addAPI(any(Organization.class), any(PublisherAPI.class))).thenReturn(publisherAPI);
API returnedAPI = apiProvider.addAPI(api);
Assert.assertTrue(StringUtils.isNotEmpty(returnedAPI.getVersionTimestamp()));
String targetPath = APIConstants.API_LOCATION + RegistryConstants.PATH_SEPARATOR + api.getId().getProviderName() + RegistryConstants.PATH_SEPARATOR + api.getId().getApiName() + RegistryConstants.PATH_SEPARATOR + newVersion + APIConstants.API_RESOURCE_NAME;
String apiSourcePath = APIConstants.API_LOCATION + RegistryConstants.PATH_SEPARATOR + apiId.getProviderName() + RegistryConstants.PATH_SEPARATOR + apiId.getApiName() + RegistryConstants.PATH_SEPARATOR + apiId.getVersion() + APIConstants.API_RESOURCE_NAME;
PowerMockito.when(APIUtil.getAPIPath(apiId)).thenReturn(apiSourcePath);
String apiSourceUUID = "87ty543-899hyt";
Mockito.when(apiProvider.registry.resourceExists(targetPath)).thenReturn(false);
Mockito.doNothing().when(apiProvider.registry).beginTransaction();
Mockito.doNothing().when(apiProvider.registry).commitTransaction();
Resource apiSourceArtifact = Mockito.mock(Resource.class);
Mockito.when(apiProvider.registry.get(apiSourcePath)).thenReturn(apiSourceArtifact);
// Mocking Old API retrieval
Mockito.when(apiSourceArtifact.getUUID()).thenReturn(apiSourceUUID);
Mockito.when(artifact.getAttribute(APIConstants.API_OVERVIEW_STATUS)).thenReturn("PUBLISHED");
Mockito.when(artifact.getAttribute(APIConstants.API_OVERVIEW_CONTEXT)).thenReturn("test");
Mockito.when(artifact.getAttribute(APIConstants.API_OVERVIEW_CONTEXT_TEMPLATE)).thenReturn("test/{version}");
Mockito.when(artifact.getAttribute(APIConstants.API_OVERVIEW_WEBSOCKET)).thenReturn("false");
Mockito.when(artifact.getAttribute(APIConstants.API_OVERVIEW_VISIBLE_ROLES)).thenReturn("admin, subscriber");
Mockito.when(artifactManager.getGenericArtifact(apiSourceUUID)).thenReturn(artifact);
// Mocking thumbnail
String thumbUrl = APIConstants.API_IMAGE_LOCATION + RegistryConstants.PATH_SEPARATOR + api.getId().getProviderName() + RegistryConstants.PATH_SEPARATOR + api.getId().getApiName() + RegistryConstants.PATH_SEPARATOR + api.getId().getVersion() + RegistryConstants.PATH_SEPARATOR + APIConstants.API_ICON_IMAGE;
Resource image = Mockito.mock(Resource.class);
Mockito.when(apiProvider.registry.get(thumbUrl)).thenReturn(image);
Mockito.when(apiProvider.registry.resourceExists(thumbUrl)).thenReturn(true);
// Mocking In sequence retrieval
String inSeqFilePath = "API1/1.0.0/in";
PowerMockito.when(APIUtil.getSequencePath(api.getId(), "in")).thenReturn(inSeqFilePath);
Mockito.when(apiProvider.registry.resourceExists(inSeqFilePath)).thenReturn(true);
Collection inSeqCollection = Mockito.mock(Collection.class);
Mockito.when(apiProvider.registry.get(inSeqFilePath)).thenReturn(inSeqCollection);
String[] inSeqChildPaths = { "path1" };
Mockito.when(inSeqCollection.getChildren()).thenReturn(inSeqChildPaths);
Mockito.when(apiProvider.registry.get(inSeqChildPaths[0])).thenReturn(apiSourceArtifact);
InputStream responseStream = IOUtils.toInputStream("<sequence name=\"in-seq\"></sequence>", "UTF-8");
OMElement seqElment = buildOMElement(responseStream);
PowerMockito.when(APIUtil.buildOMElement(responseStream)).thenReturn(seqElment);
Mockito.when(apiSourceArtifact.getContentStream()).thenReturn(responseStream);
// Mocking Out sequence retrieval
Resource apiSourceArtifact1 = Mockito.mock(Resource.class);
String outSeqFilePath = "API1/1.0.0/out";
PowerMockito.when(APIUtil.getSequencePath(api.getId(), "out")).thenReturn(outSeqFilePath);
Mockito.when(apiProvider.registry.resourceExists(outSeqFilePath)).thenReturn(true);
Collection outSeqCollection = Mockito.mock(Collection.class);
Mockito.when(apiProvider.registry.get(outSeqFilePath)).thenReturn(outSeqCollection);
String[] outSeqChildPaths = { "path2" };
Mockito.when(outSeqCollection.getChildren()).thenReturn(outSeqChildPaths);
Mockito.when(apiProvider.registry.get(outSeqChildPaths[0])).thenReturn(apiSourceArtifact1);
InputStream responseStream2 = IOUtils.toInputStream("<sequence name=\"in-seq\"></sequence>", "UTF-8");
OMElement seqElment2 = buildOMElement(responseStream2);
PowerMockito.when(APIUtil.buildOMElement(responseStream2)).thenReturn(seqElment2);
Mockito.when(apiSourceArtifact1.getContentStream()).thenReturn(responseStream2);
// Mock Adding new API artifact with new version
Mockito.doAnswer(new Answer<Void>() {
@Override
public Void answer(InvocationOnMock invocation) throws Throwable {
apiProvider.createAPI(newApi);
return null;
}
}).when(artifactManager).addGenericArtifact(artifact);
Mockito.doNothing().when(artifact).attachLifecycle(APIConstants.API_LIFE_CYCLE);
PowerMockito.when(APIUtil.getAPIProviderPath(api.getId())).thenReturn("/dummy/provider/path");
Mockito.doNothing().when(apiProvider.registry).addAssociation("/dummy/provider/path", targetPath, APIConstants.PROVIDER_ASSOCIATION);
PowerMockito.when(GovernanceUtils.getArtifactPath(apiProvider.registry, artifact.getId())).thenReturn(artifactPath);
PowerMockito.doNothing().when(APIUtil.class);
String[] roles = { "admin", "subscriber" };
APIUtil.setResourcePermissions("admin", "Public", roles, artifactPath);
// Mock no tags case
Mockito.when(apiProvider.registry.getTags(apiSourcePath)).thenReturn(null);
// Mock WSDL retrieval
String wsdlUrl = APIUtil.getWSDLDefinitionFilePath(api.getId().getApiName(), api.getId().getVersion(), api.getId().getProviderName());
PowerMockito.when(apiProvider.registry.resourceExists(wsdlUrl)).thenReturn(true);
// Mock new API retrieval
String newApiPath = "API1/1.0.1/";
PowerMockito.when(APIUtil.getAPIPath(newApi.getId())).thenReturn(newApiPath);
String newApiUUID = "87ty543-899hy23";
GenericArtifact newArtifact = Mockito.mock(GenericArtifact.class);
Resource newApiResource = Mockito.mock(Resource.class);
Mockito.when(newApiResource.getUUID()).thenReturn(newApiUUID);
Mockito.when(apiProvider.registry.get(newApiPath)).thenReturn(newApiResource);
Mockito.when(artifactManager.getGenericArtifact(newApiUUID)).thenReturn(newArtifact);
PowerMockito.when(APIUtil.getAPI(newArtifact, apiProvider.registry, api.getId(), "test")).thenReturn(newApi);
// Swagger resource
String resourcePath = APIUtil.getOpenAPIDefinitionFilePath(api.getId().getApiName(), api.getId().getVersion(), api.getId().getProviderName());
Mockito.when(apiProvider.registry.resourceExists(resourcePath + APIConstants.API_OAS_DEFINITION_RESOURCE_NAME)).thenReturn(true);
PowerMockito.mockStatic(OASParserUtil.class);
Mockito.when(OASParserUtil.getAPIDefinition(apiId, apiProvider.registry)).thenReturn("{\"info\": {\"swagger\":\"data\"}}");
Mockito.doNothing().when(artifactManager).updateGenericArtifact(artifact);
// WSDL
String newWsdlResourcePath = APIUtil.getWSDLDefinitionFilePath(newApi.getId().getApiName(), newApi.getId().getVersion(), newApi.getId().getProviderName());
PowerMockito.when(apiProvider.registry.copy(resourcePath, newWsdlResourcePath)).thenReturn(newWsdlResourcePath);
// Mock Config system registry
PowerMockito.when(tenantManager.getTenantId(Matchers.anyString())).thenReturn(-1234);
AuthorizationManager authManager = Mockito.mock(AuthorizationManager.class);
UserRealm userRealm = Mockito.mock(UserRealm.class);
PowerMockito.when(realmService.getTenantUserRealm(-1234)).thenReturn(userRealm);
PowerMockito.when(userRealm.getAuthorizationManager()).thenReturn(authManager);
}
Aggregations