[DRAFT] Revert "Add JWT authentication"

adapter/api/proto/wso2/discovery/api/api_authentication.proto

@@ -35,17 +35,16 @@ message APIKey {
 message JWT {
   string header         = 1; // name of the header containing the JWT
   bool sendTokenToUpstream  = 2; // send the token to upstream
-  repeated string audience = 3;
-}
-
-message Oauth2 {
-  string header         = 1; // name of the header containing the JWT
-  bool sendTokenToUpstream  = 2; // send the token to upstream
 }
 
 message APIAuthentication {
   bool disabled          = 1; // disable authentication
   JWT jwt = 2;
   repeated APIKey apikey = 3;
-  Oauth2 Oauth2 = 4;
+  TestConsoleKey testConsoleKey = 4;
+}
+
+message TestConsoleKey {
+  string header         = 1; // name of the header containing the test key
+  bool sendTokenToUpstream  = 2; // send the token to upstream
 }

adapter/internal/oasparser/config_generator.go

@@ -258,7 +258,6 @@ func castAPIAuthenticationsToEnforcerAPIAuthentications(authentication *model.Au
 		enforcerAuthentication.Jwt = &api.JWT{
 			Header:              strings.ToLower(authentication.JWT.Header),
 			SendTokenToUpstream: authentication.JWT.SendTokenToUpstream,
-			Audience: authentication.JWT.Audience,
 		}
 	}
 	var apiKeys []*api.APIKey
@@ -274,12 +273,19 @@ func castAPIAuthenticationsToEnforcerAPIAuthentications(authentication *model.Au
 		})
 	}
 	enforcerAuthentication.Apikey = apiKeys
-	if authentication.Oauth2 != nil {
-		enforcerAuthentication.Oauth2 = &api.Oauth2{
-			Header:              strings.ToLower(authentication.Oauth2.Header),
-			SendTokenToUpstream: authentication.Oauth2.SendTokenToUpstream,
+	if authentication.TestConsoleKey != nil {
+		enforcerAuthentication.TestConsoleKey = &api.TestConsoleKey{
+			Header:              strings.ToLower(authentication.TestConsoleKey.Header),
+			SendTokenToUpstream: authentication.TestConsoleKey.SendTokenToUpstream,
 		}
 	}
+	if authentication.TestConsoleKey != nil {
+		enforcerAuthentication.TestConsoleKey = &api.TestConsoleKey{
+			Header:              strings.ToLower(authentication.TestConsoleKey.Header),
+			SendTokenToUpstream: authentication.TestConsoleKey.SendTokenToUpstream,
+		}
+	}
+
 	return enforcerAuthentication
 }
 

adapter/internal/oasparser/model/api_operation.go

@@ -50,18 +50,17 @@ type Authentication struct {
 	Disabled       bool
 	JWT            *JWT
 	APIKey         []APIKey
-	Oauth2         *Oauth2
+	TestConsoleKey *TestConsoleKey
 }
 
 // JWT holds JWT related configurations
 type JWT struct {
 	Header              string
 	SendTokenToUpstream bool
-	Audience []string
 }
 
-// Oauth2 holds Oauth2 related configurations
-type Oauth2 struct {
+// TestConsoleKey holds testkey related configurations
+type TestConsoleKey struct {
 	Header              string
 	SendTokenToUpstream bool
 }

adapter/internal/oasparser/model/http_route.go

@@ -19,6 +19,7 @@ package model
 
 import (
 	"github.com/google/uuid"
+	"github.com/wso2/apk/adapter/internal/loggers"
 	"github.com/wso2/apk/adapter/internal/oasparser/constants"
 	"github.com/wso2/apk/adapter/internal/operator/utils"
 	dpv1alpha1 "github.com/wso2/apk/common-go-libs/apis/dp/v1alpha1"
@@ -233,28 +234,19 @@ func getSecurity(authScheme *dpv1alpha2.Authentication) *Authentication {
 		sendTokenToUpstream = authScheme.Spec.Override.AuthTypes.Oauth2.SendTokenToUpstream
 	}
 	auth := &Authentication{Disabled: false,
-		Oauth2: &Oauth2{Header: authHeader, SendTokenToUpstream: sendTokenToUpstream},
+		TestConsoleKey: &TestConsoleKey{Header: constants.TestConsoleKeyHeader},
+		JWT:            &JWT{Header: authHeader, SendTokenToUpstream: sendTokenToUpstream},
 	}
 	if authScheme != nil && authScheme.Spec.Override != nil {
 		if authScheme.Spec.Override.Disabled != nil && *authScheme.Spec.Override.Disabled {
 			return &Authentication{Disabled: true}
 		}
 		authFound := false
-		if authScheme.Spec.Override.AuthTypes != nil && !authScheme.Spec.Override.AuthTypes.Oauth2.Disabled {
-			authFound = true
-		} else {
-			auth = &Authentication{Disabled: false}
-		}
-		if authScheme.Spec.Override.AuthTypes != nil && authScheme.Spec.Override.AuthTypes.JWT.Disabled != nil && !*authScheme.Spec.Override.AuthTypes.JWT.Disabled {
-			audience := make([]string, 0)
-			if len(authScheme.Spec.Override.AuthTypes.JWT.Audience) > 0 {
-				audience = authScheme.Spec.Override.AuthTypes.JWT.Audience
+		if authScheme.Spec.Override.AuthTypes != nil && authScheme.Spec.Override.AuthTypes.Oauth2.Disabled {
+			auth = &Authentication{Disabled: false,
+				TestConsoleKey: &TestConsoleKey{Header: constants.TestConsoleKeyHeader},
 			}
-			jwtHeader := constants.TestConsoleKeyHeader
-			if len(authScheme.Spec.Override.AuthTypes.JWT.Header) > 0 {
-				jwtHeader = authScheme.Spec.Override.AuthTypes.JWT.Header
-			}
-			auth.JWT = &JWT{Header: jwtHeader, SendTokenToUpstream: sendTokenToUpstream, Audience: audience}
+		} else {
 			authFound = true
 		}
 		if authScheme.Spec.Override.AuthTypes != nil && authScheme.Spec.Override.AuthTypes.APIKey != nil {
@@ -270,6 +262,7 @@ func getSecurity(authScheme *dpv1alpha2.Authentication) *Authentication {
 			auth.APIKey = apiKeys
 		}
 		if !authFound {
+			loggers.LoggerOasparser.Debug("Disabled security.")
 			return &Authentication{Disabled: true}
 		}
 	}