Search in sources :

Example 51 with Property

use of org.wso2.carbon.identity.application.common.model.Property in project carbon-apimgt by wso2.

the class SecurityConfigContextTest method testSecurityConfigContextForAPIProduct.

@Test
public void testSecurityConfigContextForAPIProduct() throws Exception {
    APIProduct apiProduct = new APIProduct(new APIProductIdentifier("admin", "TestProduct", "1.0.0"));
    apiProduct.setUuid(UUID.randomUUID().toString());
    String apiid = UUID.randomUUID().toString();
    List<APIProductResource> apiProductResourceList = new ArrayList<>();
    APIProductResource apiProductResource = new APIProductResource();
    apiProductResource.setApiIdentifier(new APIIdentifier("admin_api1_v1"));
    apiProductResource.setApiId(apiid);
    Map<String, EndpointSecurity> endpointSecurityMap = new HashMap<>();
    EndpointSecurity endpointSecurity = new EndpointSecurity();
    endpointSecurity.setType("BASIC");
    endpointSecurity.setUsername("admin");
    endpointSecurity.setPassword("admin123");
    endpointSecurity.setEnabled(true);
    endpointSecurityMap.put("production", endpointSecurity);
    apiProductResource.setApiId(apiid);
    apiProductResource.setEndpointSecurityMap(endpointSecurityMap);
    apiProductResourceList.add(apiProductResource);
    apiProduct.setProductResources(apiProductResourceList);
    ConfigContext configcontext = new APIConfigContext(apiProduct);
    Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
    Map<String, APIDTO> apidtoMap = new HashMap<>();
    apidtoMap.put(apiid, new APIDTO().name("api1").version("v1").provider("admin"));
    SecurityConfigContext securityConfigContext = new SecurityConfigContextWrapper(configcontext, apiProduct, apiManagerConfiguration, apidtoMap);
    securityConfigContext.validate();
    VelocityContext velocityContext = securityConfigContext.getContext();
    Assert.assertNotNull(velocityContext.get("endpoint_security"));
    Map<String, Map<String, EndpointSecurityModel>> endpointSecurityModelMap = (Map<String, Map<String, EndpointSecurityModel>>) velocityContext.get("endpoint_security");
    Map<String, EndpointSecurityModel> endpointSecurityModelMap1 = endpointSecurityModelMap.get(apiProductResource.getApiId());
    EndpointSecurityModel production = endpointSecurityModelMap1.get("production");
    Assert.assertTrue("Property enabled cannot be false.", production.isEnabled());
    Assert.assertTrue("Property type cannot be other.", production.getType().equalsIgnoreCase("basic"));
    Assert.assertTrue("Property username does not match.", "admin".equals(production.getUsername()));
    Assert.assertTrue("Property base64value does not match. ", new String(Base64.encodeBase64("admin:admin123".getBytes())).equalsIgnoreCase(production.getBase64EncodedPassword()));
    Assert.assertTrue("Property securevault_alias does not match.", "TestProduct--v1.0.0--api1--vv1--production".equalsIgnoreCase(production.getAlias()));
    Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ", velocityContext.get("isSecureVaultEnabled").equals(true));
}
Also used : SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext) HashMap(java.util.HashMap) VelocityContext(org.apache.velocity.VelocityContext) ArrayList(java.util.ArrayList) EndpointSecurity(org.wso2.carbon.apimgt.api.model.EndpointSecurity) APIProduct(org.wso2.carbon.apimgt.api.model.APIProduct) APIProductIdentifier(org.wso2.carbon.apimgt.api.model.APIProductIdentifier) APIDTO(org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIDTO) APIProductResource(org.wso2.carbon.apimgt.api.model.APIProductResource) EndpointSecurityModel(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.EndpointSecurityModel) APIIdentifier(org.wso2.carbon.apimgt.api.model.APIIdentifier) HashMap(java.util.HashMap) Map(java.util.Map) APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext) ConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContext) SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext) APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext) Test(org.junit.Test)

Example 52 with Property

use of org.wso2.carbon.identity.application.common.model.Property in project carbon-apimgt by wso2.

the class SecurityConfigContextTest method testSecurityConfigContextPerEndpointBothType.

@Test
public void testSecurityConfigContextPerEndpointBothType() throws Exception {
    String json = "{\"endpoint_security\":{\n" + "  \"production\":{\n" + "    \"enabled\":true,\n" + "    \"type\":\"BASIC\",\n" + "    \"username\":\"admin\",\n" + "    \"password\":\"admin123#QA\"\n" + "  },\n" + "  \"sandbox\":{\n" + "    \"enabled\":true,\n" + "    \"type\":\"DIGEST\",\n" + "    \"username\":\"admin\",\n" + "    \"password\":\"admin123\"\n" + "  }\n" + "  }\n" + "}";
    API api = new API(new APIIdentifier("admin", "TestAPI", "1.0.0"));
    api.setStatus(APIConstants.CREATED);
    api.setContextTemplate("/");
    api.setTransports(Constants.TRANSPORT_HTTP);
    api.setEndpointConfig(json);
    ConfigContext configcontext = new APIConfigContext(api);
    Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
    SecurityConfigContext securityConfigContext = new SecurityConfigContextWrapper(configcontext, api, apiManagerConfiguration);
    securityConfigContext.validate();
    VelocityContext velocityContext = securityConfigContext.getContext();
    Assert.assertNotNull(velocityContext.get("endpoint_security"));
    Map<String, EndpointSecurityModel> endpointSecurityModelMap = (Map<String, EndpointSecurityModel>) velocityContext.get("endpoint_security");
    EndpointSecurityModel production = endpointSecurityModelMap.get("production");
    Assert.assertTrue("Property enabled cannot be false.", production.isEnabled());
    Assert.assertTrue("Property type cannot be other.", production.getType().equalsIgnoreCase("basic"));
    Assert.assertTrue("Property username does not match.", "admin".equals(production.getUsername()));
    Assert.assertTrue("Property base64value does not match. ", new String(Base64.encodeBase64("admin:admin123#QA".getBytes())).equalsIgnoreCase(production.getBase64EncodedPassword()));
    Assert.assertTrue("Property securevault_alias does not match.", "TestAPI--v1.0.0--production".equalsIgnoreCase(production.getAlias()));
    EndpointSecurityModel sandbox = endpointSecurityModelMap.get("sandbox");
    Assert.assertTrue("Property enabled cannot be false.", sandbox.isEnabled());
    Assert.assertTrue("Property type cannot be other.", sandbox.getType().equalsIgnoreCase("digest"));
    Assert.assertTrue("Property username does not match.", "admin".equals(sandbox.getUsername()));
    Assert.assertTrue("Property base64value does not match. ", new String(Base64.encodeBase64("admin:admin123".getBytes())).equalsIgnoreCase(sandbox.getBase64EncodedPassword()));
    Assert.assertTrue("Property securevault_alias does not match.", "TestAPI--v1.0.0--sandbox".equalsIgnoreCase(sandbox.getAlias()));
    Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ", velocityContext.get("isSecureVaultEnabled").equals(true));
}
Also used : SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext) VelocityContext(org.apache.velocity.VelocityContext) EndpointSecurityModel(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.EndpointSecurityModel) API(org.wso2.carbon.apimgt.api.model.API) APIIdentifier(org.wso2.carbon.apimgt.api.model.APIIdentifier) HashMap(java.util.HashMap) Map(java.util.Map) APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext) ConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContext) SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext) APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext) Test(org.junit.Test)

Example 53 with Property

use of org.wso2.carbon.identity.application.common.model.Property in project carbon-apimgt by wso2.

the class SecurityConfigContextTest method testSecurityConfigContextPerEndpointProductionType.

@Test
public void testSecurityConfigContextPerEndpointProductionType() throws Exception {
    String json = "{\"endpoint_security\":{\n" + "  \"production\":{\n" + "    \"enabled\":true,\n" + "    \"type\":\"BASIC\",\n" + "    \"username\":\"admin\",\n" + "    \"password\":\"admin123#QA\"\n" + "  }\n" + "  }\n" + "}";
    API api = new API(new APIIdentifier("admin", "TestAPI", "1.0.0"));
    api.setStatus(APIConstants.CREATED);
    api.setContextTemplate("/");
    api.setTransports(Constants.TRANSPORT_HTTP);
    api.setEndpointConfig(json);
    ConfigContext configcontext = new APIConfigContext(api);
    Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
    SecurityConfigContext securityConfigContext = new SecurityConfigContextWrapper(configcontext, api, apiManagerConfiguration);
    securityConfigContext.validate();
    VelocityContext velocityContext = securityConfigContext.getContext();
    Assert.assertNotNull(velocityContext.get("endpoint_security"));
    Map<String, EndpointSecurityModel> endpointSecurityModelMap = (Map<String, EndpointSecurityModel>) velocityContext.get("endpoint_security");
    EndpointSecurityModel production = endpointSecurityModelMap.get("production");
    Assert.assertTrue("Property enabled cannot be false.", production.isEnabled());
    Assert.assertTrue("Property type cannot be other.", production.getType().equalsIgnoreCase("basic"));
    Assert.assertTrue("Property username does not match.", "admin".equals(production.getUsername()));
    Assert.assertTrue("Property base64value does not match. ", new String(Base64.encodeBase64("admin:admin123#QA".getBytes())).equalsIgnoreCase(production.getBase64EncodedPassword()));
    Assert.assertTrue("Property securevault_alias does not match.", "TestAPI--v1.0.0--production".equalsIgnoreCase(production.getAlias()));
    Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ", velocityContext.get("isSecureVaultEnabled").equals(true));
    EndpointSecurityModel sandbox = endpointSecurityModelMap.get("sandbox");
    Assert.assertFalse("Property enabled cannot be true.", sandbox.isEnabled());
}
Also used : SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext) VelocityContext(org.apache.velocity.VelocityContext) EndpointSecurityModel(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.EndpointSecurityModel) API(org.wso2.carbon.apimgt.api.model.API) APIIdentifier(org.wso2.carbon.apimgt.api.model.APIIdentifier) HashMap(java.util.HashMap) Map(java.util.Map) APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext) ConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContext) SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext) APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext) Test(org.junit.Test)

Example 54 with Property

use of org.wso2.carbon.identity.application.common.model.Property in project carbon-apimgt by wso2.

the class SecurityConfigContextTest method testSecurityConfigContextForAPIProductWithOAuth.

@Test
public void testSecurityConfigContextForAPIProductWithOAuth() throws Exception {
    APIProduct apiProduct = new APIProduct(new APIProductIdentifier("admin", "TestProduct", "1.0.0"));
    apiProduct.setUuid(UUID.randomUUID().toString());
    String apiid = UUID.randomUUID().toString();
    List<APIProductResource> apiProductResourceList = new ArrayList<>();
    APIProductResource apiProductResource = new APIProductResource();
    apiProductResource.setApiIdentifier(new APIIdentifier("admin_api1_v1"));
    apiProductResource.setApiId(apiid);
    Map<String, EndpointSecurity> endpointSecurityMap = new HashMap<>();
    EndpointSecurity endpointSecurity = new EndpointSecurity();
    endpointSecurity.setType("oauth");
    endpointSecurity.setClientId("123-456");
    endpointSecurity.setClientSecret("admin123");
    endpointSecurity.setGrantType("client_credentials");
    endpointSecurity.setEnabled(true);
    endpointSecurityMap.put("production", endpointSecurity);
    apiProductResource.setApiId(apiid);
    apiProductResource.setEndpointSecurityMap(endpointSecurityMap);
    apiProductResourceList.add(apiProductResource);
    apiProduct.setProductResources(apiProductResourceList);
    ConfigContext configcontext = new APIConfigContext(apiProduct);
    Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
    Map<String, APIDTO> apidtoMap = new HashMap<>();
    apidtoMap.put(apiid, new APIDTO().name("api1").version("v1").provider("admin").id(UUID.randomUUID().toString()));
    SecurityConfigContext securityConfigContext = new SecurityConfigContextWrapper(configcontext, apiProduct, apiManagerConfiguration, apidtoMap);
    securityConfigContext.validate();
    VelocityContext velocityContext = securityConfigContext.getContext();
    Assert.assertNotNull(velocityContext.get("endpoint_security"));
    Map<String, Map<String, EndpointSecurityModel>> endpointSecurityModelMap = (Map<String, Map<String, EndpointSecurityModel>>) velocityContext.get("endpoint_security");
    Map<String, EndpointSecurityModel> endpointSecurityModelMap1 = endpointSecurityModelMap.get(apiProductResource.getApiId());
    EndpointSecurityModel production = endpointSecurityModelMap1.get("production");
    Assert.assertTrue("Property enabled cannot be false.", production.isEnabled());
    Assert.assertTrue("Property type cannot be other.", production.getType().equalsIgnoreCase("oauth"));
    Assert.assertTrue("Property username does not match.", "123-456".equals(production.getClientId()));
    Assert.assertEquals(production.getClientSecretAlias(), "TestProduct--v1.0.0--api1--vv1--oauth--clientSecret" + "--production");
    Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ", velocityContext.get("isSecureVaultEnabled").equals(true));
}
Also used : SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext) HashMap(java.util.HashMap) VelocityContext(org.apache.velocity.VelocityContext) ArrayList(java.util.ArrayList) EndpointSecurity(org.wso2.carbon.apimgt.api.model.EndpointSecurity) APIProduct(org.wso2.carbon.apimgt.api.model.APIProduct) APIProductIdentifier(org.wso2.carbon.apimgt.api.model.APIProductIdentifier) APIDTO(org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIDTO) APIProductResource(org.wso2.carbon.apimgt.api.model.APIProductResource) EndpointSecurityModel(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.EndpointSecurityModel) APIIdentifier(org.wso2.carbon.apimgt.api.model.APIIdentifier) HashMap(java.util.HashMap) Map(java.util.Map) APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext) ConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContext) SecurityConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.SecurityConfigContext) APIConfigContext(org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.APIConfigContext) Test(org.junit.Test)

Example 55 with Property

use of org.wso2.carbon.identity.application.common.model.Property in project carbon-apimgt by wso2.

the class TemplateBuilderUtilTest method testAdditionalPropertyWithStoreVisibilityReplacement.

@Test
public void testAdditionalPropertyWithStoreVisibilityReplacement() {
    API api = new API(new APIIdentifier("admin", "API", "1.0"));
    api.addProperty("test__display", "true");
    api.addProperty("property", "true");
    JSONObject modifiedProperties = TemplateBuilderUtil.getModifiedProperties(api.getAdditionalProperties());
    Assert.assertEquals("Additional Properties count mismatched", 3, modifiedProperties.size());
    Assert.assertNotNull("Converted additional Property is not available", modifiedProperties.get("test"));
    Assert.assertEquals("Converted property does not have the original value", api.getProperty("test__display"), modifiedProperties.get("test"));
}
Also used : JSONObject(org.json.simple.JSONObject) API(org.wso2.carbon.apimgt.api.model.API) APIIdentifier(org.wso2.carbon.apimgt.api.model.APIIdentifier) Test(org.junit.Test)

Aggregations

HashMap (java.util.HashMap)42 ArrayList (java.util.ArrayList)32 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)32 Resource (org.wso2.carbon.registry.core.Resource)23 Map (java.util.Map)21 Test (org.junit.Test)21 RegistryException (org.wso2.carbon.registry.core.exceptions.RegistryException)21 DataResponse (org.wso2.carbon.bpmn.rest.model.common.DataResponse)17 API (org.wso2.carbon.apimgt.api.model.API)16 UserStoreException (org.wso2.carbon.user.api.UserStoreException)16 Path (javax.ws.rs.Path)14 Produces (javax.ws.rs.Produces)14 JSONObject (org.json.simple.JSONObject)14 APIIdentifier (org.wso2.carbon.apimgt.api.model.APIIdentifier)14 List (java.util.List)13 IOException (java.io.IOException)11 QName (javax.xml.namespace.QName)11 APIProductResource (org.wso2.carbon.apimgt.api.model.APIProductResource)11 Properties (java.util.Properties)10 GovernanceException (org.wso2.carbon.governance.api.exception.GovernanceException)10