private APIKeyValidationInfoDTO toDTO(
     org.wso2.carbon.apimgt.impl.dto.xsd.APIKeyValidationInfoDTO generatedDto) {
   APIKeyValidationInfoDTO dto = new APIKeyValidationInfoDTO();
   dto.setSubscriber(generatedDto.getSubscriber());
   dto.setAuthorized(generatedDto.getAuthorized());
   dto.setTier(generatedDto.getTier());
   dto.setType(generatedDto.getType());
   dto.setEndUserToken(generatedDto.getEndUserToken());
   dto.setEndUserName(generatedDto.getEndUserName());
   dto.setApplicationName(generatedDto.getApplicationName());
   dto.setEndUserName(generatedDto.getEndUserName());
   dto.setConsumerKey(generatedDto.getConsumerKey());
   // dto.setAuthorizedDomains(Arrays.asList(generatedDto.getAuthorizedDomains()));
   dto.setValidationStatus(generatedDto.getValidationStatus());
   dto.setApplicationId(generatedDto.getApplicationId());
   dto.setApplicationTier(generatedDto.getApplicationTier());
   dto.setApiPublisher(generatedDto.getApiPublisher());
   dto.setApiName(generatedDto.getApiName());
   dto.setValidityPeriod(generatedDto.getValidityPeriod());
   dto.setIssuedTime(generatedDto.getIssuedTime());
   dto.setApiTier(generatedDto.getApiTier());
   dto.setContentAware(generatedDto.getContentAware());
   dto.setScopes(
       generatedDto.getScopes() == null
           ? null
           : new HashSet<String>(Arrays.asList(generatedDto.getScopes())));
   dto.setThrottlingDataList(Arrays.asList(generatedDto.getThrottlingDataList()));
   dto.setSpikeArrestLimit(generatedDto.getSpikeArrestLimit());
   dto.setSpikeArrestUnit(generatedDto.getSpikeArrestUnit());
   dto.setSubscriberTenantDomain(generatedDto.getSubscriberTenantDomain());
   dto.setStopOnQuotaReach(generatedDto.getStopOnQuotaReach());
   return dto;
 }
 private APIKeyValidationInfoDTO toDTO(
     org.wso2.carbon.apimgt.impl.dto.xsd.APIKeyValidationInfoDTO generatedDto) {
   APIKeyValidationInfoDTO dto = new APIKeyValidationInfoDTO();
   dto.setSubscriber(generatedDto.getSubscriber());
   dto.setAuthorized(generatedDto.getAuthorized());
   dto.setTier(generatedDto.getTier());
   dto.setType(generatedDto.getType());
   dto.setEndUserToken(generatedDto.getEndUserToken());
   dto.setEndUserName(generatedDto.getEndUserName());
   dto.setApplicationName(generatedDto.getApplicationName());
   dto.setEndUserName(generatedDto.getEndUserName());
   dto.setApplicationName(generatedDto.getApplicationName());
   dto.setValidationStatus(generatedDto.getValidationStatus());
   dto.setApplicationId(generatedDto.getApplicationId());
   dto.setApplicationTier(generatedDto.getApplicationTier());
   return dto;
 }
Exemplo n.º 3
0
  /**
   * Get the API key validated against the specified API
   *
   * @param context API context
   * @param apiKey API key to be validated
   * @param apiVersion API version number
   * @return An APIKeyValidationInfoDTO object
   * @throws APISecurityException If an error occurs while accessing backend services
   */
  public APIKeyValidationInfoDTO getKeyValidationInfo(
      String context,
      String apiKey,
      String apiVersion,
      String authenticationScheme,
      String clientDomain,
      String matchingResource,
      String httpVerb,
      boolean defaultVersionInvoked)
      throws APISecurityException {

    String prefixedVersion = apiVersion;
    // Check if client has invoked the default version API.
    if (defaultVersionInvoked) {
      // Prefix the version so that it looks like _default_1.0 (_default_<version>)).
      // This is so that the Key Validator knows that this request is coming through a default api
      // version
      prefixedVersion = APIConstants.DEFAULT_VERSION_PREFIX.concat(prefixedVersion);
    }

    String cacheKey =
        APIUtil.getAccessTokenCacheKey(
            apiKey, context, prefixedVersion, matchingResource, httpVerb, authenticationScheme);
    // If Gateway key caching is enabled.
    if (gatewayKeyCacheEnabled) {
      // Get the access token from the first level cache.
      String cachedToken = (String) getGatewayTokenCache().get(apiKey);

      // If the access token exists in the first level cache.
      if (cachedToken != null) {
        APIKeyValidationInfoDTO info = (APIKeyValidationInfoDTO) getGatewayKeyCache().get(cacheKey);

        if (info != null) {
          if (APIUtil.isAccessTokenExpired(info)) {
            log.info("Invalid OAuth Token : Access Token " + apiKey + " expired.");
            info.setAuthorized(false);
            // in cache, if token is expired  remove cache entry.
            getGatewayKeyCache().remove(cacheKey);

            // Remove from the first level token cache as well.
            getGatewayTokenCache().remove(apiKey);
          }
          return info;
        }
      }
    }

    // synchronized (apiKey.intern()) {
    // We synchronize on the API key here to allow concurrent processing
    // of different API keys - However when a burst of requests with the
    // same key is encountered, only one will be allowed to execute the logic,
    // and the rest will pick the value from the cache.
    //   info = (APIKeyValidationInfoDTO) infoCache.get(cacheKey);
    // if (info != null) {
    //   return info;
    // }
    APIKeyValidationInfoDTO info =
        doGetKeyValidationInfo(
            context,
            prefixedVersion,
            apiKey,
            authenticationScheme,
            clientDomain,
            matchingResource,
            httpVerb);
    if (info != null) {
      if (gatewayKeyCacheEnabled) {
        // Get the tenant domain of the API that is being invoked.
        String tenantDomain =
            PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();

        // Add to first level Token Cache.
        getGatewayTokenCache().put(apiKey, tenantDomain);
        // Add to Key Cache.
        getGatewayKeyCache().put(cacheKey, info);

        // If this is NOT a super-tenant API that is being invoked
        if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
          // Add the tenant domain as a reference to the super tenant cache so we know from which
          // tenant cache
          // to remove the entry when the need occurs to clear this particular cache entry.
          try {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext.getThreadLocalCarbonContext()
                .setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, true);

            getGatewayTokenCache().put(apiKey, tenantDomain);
          } finally {
            PrivilegedCarbonContext.endTenantFlow();
          }
        }
      }

      return info;
    } else {
      String warnMsg = "API key validation service returns null object";
      log.warn(warnMsg);
      throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, warnMsg);
    }
  }