diff --git a/adapter/config/types.go b/adapter/config/types.go index 8b337b66af..7ebabe44b1 100644 --- a/adapter/config/types.go +++ b/adapter/config/types.go @@ -328,8 +328,8 @@ type upstreamCircuitBreaker struct { type security struct { TokenService []tokenService AuthHeader authHeader - APIKeyConfig apiKeyConfig - PATConfig patConfig + APIKeyConfig apiKeyConfig `toml:"apiKeyConfig"` + PATConfig patConfig `toml:"patConfig"` } type authService struct { @@ -500,7 +500,7 @@ type authHeader struct { } type apiKeyConfig struct { - OAuthAgentURL string + OAuthAgentURL string `toml:"oauthAgentURL"` } type patConfig struct { diff --git a/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/APIKeyUtils.java b/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/APIKeyUtils.java index de9c1d788e..f6155bf2da 100644 --- a/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/APIKeyUtils.java +++ b/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/APIKeyUtils.java @@ -97,10 +97,10 @@ public static String generateAPIKeyHash(String apiKey) { /** * This function exchanges a given API key to an JWT token. * - * @param keyHash Key hash - * @return JWT corresponding to given key hash. + * @param pat PAT + * @return JWT corresponding to given PAT. */ - public static Optional exchangeAPIKeyToJWT(String keyHash) { + public static Optional exchangePATToJWT(String pat) { URL url = null; try { @@ -115,6 +115,7 @@ public static Optional exchangeAPIKeyToJWT(String keyHash) { // Create a request to exchange API key to JWT. HttpPost exchangeRequest = new HttpPost(url.toURI()); exchangeRequest.addHeader("Content-Type", ContentType.APPLICATION_JSON.toString()); + String keyHash = generateAPIKeyHash(pat); exchangeRequest.setEntity(new StringEntity(createPATExchangeRequest(keyHash))); try (CloseableHttpResponse response = httpClient.execute(exchangeRequest)) { if (response.getStatusLine().getStatusCode() == 200) { diff --git a/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java b/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java index 80c74f0fb5..6e9b8c3d09 100644 --- a/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java +++ b/enforcer-parent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java @@ -820,7 +820,7 @@ private String exchangeJWTForPAT(String pat) throws APISecurityException { } return (String) cachedJWT; } - Optional jwt = APIKeyUtils.exchangeAPIKeyToJWT(pat); + Optional jwt = APIKeyUtils.exchangePATToJWT(pat); if (jwt.isEmpty()) { throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), APISecurityConstants.API_AUTH_INVALID_CREDENTIALS,