Add subscription validation support for API invocaitons
ashera96 committed Oct 18, 2023
1 parent f65a490 commit fdcb59c
Showing 18 changed files with 284 additions and 394 deletions.
3 changes: 2 additions & 1 deletion common-controller/commoncontroller/common_controller.go
Expand Up @@ -150,6 +150,7 @@ func runCommonEnforcerServer(server xdsv3.Server, enforcerServer wso2_server.Ser
port uint) {
var grpcOptions []grpc.ServerOption
grpcOptions = append(grpcOptions, grpc.MaxConcurrentStreams(grpcMaxConcurrentStreams))
// TODO(Ashera): Add TLS support for Common Controller - Enforcer connection
publicKeyLocation, privateKeyLocation, truststoreLocation := utils.GetKeyLocations()
cert, err := utils.GetServerCertificate(publicKeyLocation, privateKeyLocation)

Expand Down Expand Up @@ -192,7 +193,7 @@ func runCommonEnforcerServer(server xdsv3.Server, enforcerServer wso2_server.Ser
// register health service
healthservice.RegisterHealthServer(grpcServer, &health.Server{})

loggers.LoggerAPKOperator.Info("port: ", port, " management server listening")
loggers.LoggerAPKOperator.Info("port: ", port, " common enforcer server listening")
go func() {
loggers.LoggerAPKOperator.Info("Starting XDS GRPC server.")
if err = grpcServer.Serve(lis); err != nil {
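Review bot: The TODO added above `utils.GetKeyLocations()` in runCommonEnforcerServer records that the common controller to enforcer connection has no TLS yet, and judging by the commit title this is presumably the channel that now carries the subscription data used for access decisions. The lines between the two hunks are collapsed on this page, so whether `cert` is ever passed into `grpcOptions` is not visible; if it is not, that data travels unauthenticated and in clear text to anything that can reach the port. I would turn the bare TODO into a tracked one, e.g. `// TODO(Ashera): <issue-link> enable TLS (grpc.Creds) on the common enforcer server; plaintext until then`, and keep the port unreachable from outside the pod network in the meantime. The function body starts and ends outside the hunks shown.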
Expand Up @@ -18,5 +18,5 @@ spec:
oauth2:
environments:
- envId: dev
appId: yef14gh8syDvTt56rdtIHYbjF_Ya # OAuth2 consumer key
appId: 45f1c5c8-a92e-11ed-afa1-0242ac120002 # OAuth2 consumer key
keyType: PRODUCTION
Expand Up @@ -106,7 +106,7 @@ func marshalSubscriptionList(subscriptionList []cpv1alpha2.Subscription) *subscr
for _, subInternal := range subscriptionList {
subscribedAPI := &subscription.SubscribedAPI{}
sub := &subscription.Subscription{
Uuid: string(subInternal.UID),
Uuid: subInternal.Name,
SubStatus: subInternal.Spec.SubscriptionStatus,
Organization: subInternal.Spec.Organization,
}
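Review bot: The new `Uuid: subInternal.Name` in marshalSubscriptionList swaps a cluster-unique identifier for metadata.name, which Kubernetes guarantees unique only within one namespace for a given kind. If Subscription resources from more than one namespace can end up in `subscriptionList` (not visible in this hunk), two resources with the same name would share a Uuid and the receiving store may let one replace the other, which matters because these entries feed subscription validation. I would either document the assumption next to the field, e.g. `// Uuid is metadata.name; unique only while all Subscriptions live in one namespace`, or send a namespace-qualified value. The function starts before and continues after the lines shown.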
Expand Up @@ -48,7 +48,7 @@ public static String setDefaultIfNull(String value) {
}

public static String getAPIProvider(String uuid) {
API api = SubscriptionDataHolder.getInstance().getTenantSubscriptionStore().getApiByContextAndVersion(uuid);
API api = SubscriptionDataHolder.getInstance().getSubscriptionDataStore().getApiByContextAndVersion(uuid);
if (api == null) {
return AnalyticsConstants.DEFAULT_FOR_UNASSIGNED;
}
Expand Up @@ -47,7 +47,7 @@ public class APIConstants {
public static final String API_KEY_TYPE_SANDBOX = "SANDBOX";

public static final String AUTHORIZATION_HEADER_BASIC = "Basic";
public static final String API_SECURITY_OAUTH2 = "oauth2";
public static final String API_SECURITY_OAUTH2 = "OAuth2";
public static final String API_SECURITY_BASIC_AUTH = "basic_auth";
public static final String SWAGGER_API_KEY_AUTH_TYPE_NAME = "apiKey";
public static final String SWAGGER_API_KEY_IN_HEADER = "Header";
Expand Down Expand Up @@ -125,6 +125,7 @@ public static class SubscriptionStatus {
public static final String PROD_ONLY_BLOCKED = "PROD_ONLY_BLOCKED";
public static final String ON_HOLD = "ON_HOLD";
public static final String REJECTED = "REJECTED";
public static final String INACTIVE = "INACTIVE";

private SubscriptionStatus() {

Expand All @@ -149,9 +150,10 @@ public static class JwtTokenConstants {
public static final String APPLICATION_NAME = "name";
public static final String APPLICATION_TIER = "tier";
public static final String APPLICATION_OWNER = "owner";
public static final String KEY_TYPE = "keytype";
public static final String CONSUMER_KEY = "consumerKey";
public static final String KEY_TYPE = "keyType";
public static final String CLIENT_ID = "clientId";
public static final String SUBSCRIPTION_TIER = "subscriptionTier";
public static final String SUBSCRIPTION_ORGANIZATION = "organization";
public static final String SUBSCRIBER_TENANT_DOMAIN = "subscriberTenantDomain";
public static final String TIER_INFO = "tierInfo";
public static final String STOP_ON_QUOTA_REACH = "stopOnQuotaReach";
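Review bot: The JwtTokenConstants changes (`KEY_TYPE` now "keyType", `CONSUMER_KEY` replaced by `CLIENT_ID` = "clientId") alter which JWT claim names are looked up, and claim names are matched case-sensitively. The code that reads these claims is not on this page, so it is worth confirming that a token carrying only the old `keytype`/`consumerKey` claims, or neither, is rejected rather than falling back to a default key type or an empty client id during subscription validation. The same applies to `API_SECURITY_OAUTH2` becoming "OAuth2" if it is compared with `equals` against scheme names taken from API definitions. A short comment on each constant naming the producer of the value, such as `// claim name as issued by the token service; must match exactly`, would make the coupling visible.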
Expand Up @@ -70,6 +70,9 @@ public class APISecurityConstants {
public static final int API_AUTH_MISSING_OPEN_API_DEF = 900911;
public static final String API_AUTH_MISSING_OPEN_API_DEF_ERROR_MESSAGE = "Internal Server Error";

public static final int SUBSCRIPTION_NOT_FOUND = 900912;
public static final String SUBSCRIPTION_NOT_FOUND_MESSAGE = "Subscription validation failed";

// TODO: (renuka) check error codes with APIM: https://github.com/wso2/wso2-synapse/pull/1899/files#r809710868
public static final int OPA_AUTH_FORBIDDEN = 901101;
public static final String OPA_AUTH_FORBIDDEN_MESSAGE = "Forbidden";
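Review bot: `SUBSCRIPTION_NOT_FOUND` and `SUBSCRIPTION_NOT_FOUND_MESSAGE` carry no comment saying which outcomes map to code 900912, and the name ("not found") and the message ("Subscription validation failed") describe different things. If the generic message is deliberate, so that a caller cannot tell a missing subscription from a blocked or inactive one, say so next to the constants, for example `// Returned for every subscription validation failure; message is intentionally generic`. Without that, a later change may add a more specific message and disclose subscription state to the client.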
Expand Up @@ -42,17 +42,12 @@ public class APIKeyValidationInfoDTO implements Serializable {
private String userType;
private String endUserToken;
private String endUserName;
private int applicationId;
private String applicationName;
private String applicationTier;
//use this to pass key validation status
private int validationStatus;
private long validityPeriod;
private long issuedTime;
private List<String> authorizedDomains;
//Following throttle data list can be use to hold throttle data and api level throttle key
//should be its first element.
private List<String> throttlingDataList;
private int spikeArrestLimit;
private String subscriberTenantDomain;
private String spikeArrestUnit;
Expand All @@ -65,17 +60,11 @@ public class APIKeyValidationInfoDTO implements Serializable {
private int graphQLMaxComplexity;
private String apiVersion;
private String apiUUID;
private String apiName;
private String apiContext;
private String applicationUUID;
private Map<String, String> appAttributes;

public List<String> getThrottlingDataList() {
return throttlingDataList;
}

public void setThrottlingDataList(List<String> throttlingDataList) {
this.throttlingDataList = throttlingDataList;
}

public boolean isContentAware() {
return contentAware;
}
Expand All @@ -86,11 +75,10 @@ public void setContentAware(boolean contentAware) {

private Set<String> scopes;

private String apiName;

private String consumerKey;

private String apiPublisher;
private String securityScheme;

public boolean isAuthorized() {
return authorized;
Expand Down Expand Up @@ -140,14 +128,6 @@ public void setEndUserName(String endUserName) {
this.endUserName = endUserName;
}

public int getApplicationId() {
return applicationId;
}

public void setApplicationId(int applicationId) {
this.applicationId = applicationId;
}

public String getApplicationName() {
return applicationName;
}
Expand All @@ -156,14 +136,6 @@ public void setApplicationName(String applicationName) {
this.applicationName = applicationName;
}

public String getApplicationTier() {
return applicationTier;
}

public void setApplicationTier(String applicationTier) {
this.applicationTier = applicationTier;
}

public int getValidationStatus() {
return validationStatus;
}
Expand Down Expand Up @@ -212,6 +184,14 @@ public void setApiName(String apiName) {
this.apiName = apiName;
}

public String getApiContext() {
return apiContext;
}

public void setApiContext(String apiContext) {
this.apiContext = apiContext;
}

public String getConsumerKey() {
return consumerKey;
}
Expand All @@ -228,6 +208,14 @@ public void setApiPublisher(String apiPublisher) {
this.apiPublisher = apiPublisher;
}

public String getSecurityScheme() {
return securityScheme;
}

public void setSecurityScheme(String securityScheme) {
this.securityScheme = securityScheme;
}

public Set<String> getScopes() {
return scopes;
}
Expand All @@ -246,13 +234,12 @@ public String toString() {
append(" , userType:").append(userType).
append(" , endUserToken:").append(endUserToken).
append(" , endUserName:").append(endUserName).
append(" , applicationId:").append(applicationId).
append(" , applicationName:").append(applicationName).
append(" , applicationTier:").append(applicationTier).
append(" , validationStatus:").append(validationStatus).
append(" , validityPeriod:").append(validityPeriod).
append(" , issuedTime:").append(issuedTime).
append(" , apiName:").append(apiName).
append(" , apiContext:").append(apiContext).
append(" , consumerKey:").append(consumerKey).
append(" , spikeArrestLimit:").append(spikeArrestLimit).
append(" , spikeArrestUnit:").append(spikeArrestUnit).
Expand All @@ -261,6 +248,7 @@ public String toString() {
append(" , productName:").append(productName).
append(" , productProvider:").append(productProvider).
append(" , apiPublisher:").append(apiPublisher).
append(" , securityScheme:").append(securityScheme).
append(" , graphQLMaxDepth:").append(graphQLMaxDepth).
append(" , graphQLMaxComplexity:").append(graphQLMaxComplexity);
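Review bot: toString() is extended with `apiContext` and `securityScheme` but still appends `endUserToken` (and `consumerKey`) verbatim, so any debug log or exception message that prints this DTO writes the end user's token into the log. Since the method is being edited anyway, I would stop emitting the token value, e.g. `append(" , endUserToken:").append(endUserToken == null ? "null" : "<redacted>").`, and consider the same treatment for `consumerKey`. The start of toString() and its return are outside the lines shown, so whether callers actually log the DTO is not visible here.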
