/**
* Throttle out the request
*
* @param request
* @param accessToken
* @return
* @throws APIFaultException
*/
public boolean doThrottle(Request request, String accessToken) throws APIFaultException {
String apiName = request.getContextPath();
String apiVersion = APIManagetInterceptorUtils.getAPIVersion(request);
String apiIdentifier = apiName + "-" + apiVersion;
APIThrottleHandler throttleHandler = null;
ConfigurationContext cc = DataHolder.getServerConfigContext();
if (cc.getProperty(apiIdentifier) == null) {
throttleHandler = new APIThrottleHandler();
/* Add the Throttle handler to ConfigContext against API Identifier */
cc.setProperty(apiIdentifier, throttleHandler);
} else {
throttleHandler = (APIThrottleHandler) cc.getProperty(apiIdentifier);
}
if (throttleHandler.doThrottle(request, apiKeyValidationDTO, accessToken)) {
return true;
} else {
throw new APIFaultException(
APIManagerErrorConstants.API_THROTTLE_OUT, "You have exceeded your quota");
}
}
/**
* Log the interesting request parameters, invoke the next Valve in the sequence, and log the
* interesting response parameters.
*
* @param request The servlet request to be processed
* @param response The servlet response to be created
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
public void invoke(Request request, Response response) throws IOException, ServletException {
Log log = container.getLogger();
// Log pre-service information
log.info("REQUEST URI =" + request.getRequestURI());
log.info(" authType=" + request.getAuthType());
log.info(" characterEncoding=" + request.getCharacterEncoding());
log.info(" contentLength=" + request.getContentLength());
log.info(" contentType=" + request.getContentType());
log.info(" contextPath=" + request.getContextPath());
Cookie cookies[] = request.getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++)
log.info(" cookie=" + cookies[i].getName() + "=" + cookies[i].getValue());
}
Enumeration hnames = request.getHeaderNames();
while (hnames.hasMoreElements()) {
String hname = (String) hnames.nextElement();
Enumeration hvalues = request.getHeaders(hname);
while (hvalues.hasMoreElements()) {
String hvalue = (String) hvalues.nextElement();
log.info(" header=" + hname + "=" + hvalue);
}
}
log.info(" locale=" + request.getLocale());
log.info(" method=" + request.getMethod());
Enumeration pnames = request.getParameterNames();
while (pnames.hasMoreElements()) {
String pname = (String) pnames.nextElement();
String pvalues[] = request.getParameterValues(pname);
StringBuffer result = new StringBuffer(pname);
result.append('=');
for (int i = 0; i < pvalues.length; i++) {
if (i > 0) result.append(", ");
result.append(pvalues[i]);
}
log.info(" parameter=" + result.toString());
}
log.info(" pathInfo=" + request.getPathInfo());
log.info(" protocol=" + request.getProtocol());
log.info(" queryString=" + request.getQueryString());
log.info(" remoteAddr=" + request.getRemoteAddr());
log.info(" remoteHost=" + request.getRemoteHost());
log.info(" remoteUser="******"requestedSessionId=" + request.getRequestedSessionId());
log.info(" scheme=" + request.getScheme());
log.info(" serverName=" + request.getServerName());
log.info(" serverPort=" + request.getServerPort());
log.info(" servletPath=" + request.getServletPath());
log.info(" isSecure=" + request.isSecure());
log.info("---------------------------------------------------------------");
// Perform the request
getNext().invoke(request, response);
// Log post-service information
log.info("---------------------------------------------------------------");
log.info(" authType=" + request.getAuthType());
log.info(" contentLength=" + response.getContentLength());
log.info(" contentType=" + response.getContentType());
Cookie rcookies[] = response.getCookies();
for (int i = 0; i < rcookies.length; i++) {
log.info(
" cookie="
+ rcookies[i].getName()
+ "="
+ rcookies[i].getValue()
+ "; domain="
+ rcookies[i].getDomain()
+ "; path="
+ rcookies[i].getPath());
}
String rhnames[] = response.getHeaderNames();
for (int i = 0; i < rhnames.length; i++) {
String rhvalues[] = response.getHeaderValues(rhnames[i]);
for (int j = 0; j < rhvalues.length; j++)
log.info(" header=" + rhnames[i] + "=" + rhvalues[j]);
}
log.info(" message=" + response.getMessage());
log.info(" remoteUser="******" status=" + response.getStatus());
log.info("===============================================================");
}
public void invoke(Request request, Response response, CompositeValve compositeValve) {
if (authenticator == null) {
authenticator = new APITokenAuthenticator();
}
String context = request.getContextPath();
if (context == null || context.equals("")) {
// Invoke next valve in pipe.
getNext().invoke(request, response, compositeValve);
return;
}
// todo remove version from context - special case for apps
// context = stripVersionfromContext(context);
boolean contextExist;
Boolean contextValueInCache = null;
if (APIUtil.getAPIContextCache().get(context) != null) {
contextValueInCache =
Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString());
}
if (contextValueInCache != null) {
contextExist = contextValueInCache;
} else {
contextExist = ApiMgtDAO.isContextExist(context);
APIUtil.getAPIContextCache().put(context, contextExist);
}
if (!contextExist) {
getNext().invoke(request, response, compositeValve);
return;
}
handleWSDLGetRequest(request, response, compositeValve, context);
String dispatcherPath = null;
boolean forwardingRequired = false;
long requestTime = System.currentTimeMillis();
APIManagerInterceptorOps interceptorOps = new APIManagerInterceptorOps();
UsageStatConfiguration statConfiguration = new UsageStatConfiguration();
if (contextExist) {
// Use embedded API Management
if (log.isDebugEnabled()) {
log.debug("API Manager Interceptor Valve Got invoked!!");
}
String bearerToken = request.getHeader(APIConstants.OperationParameter.AUTH_PARAM_NAME);
String accessToken = null;
/* Authenticate*/
try {
if (bearerToken != null) {
accessToken = APIManagetInterceptorUtils.getBearerToken(bearerToken);
} else {
// There can be some API published with None Auth Type
/*
* throw new
* APIFaultException(APIConstants.KeyValidationStatus
* .API_AUTH_INVALID_CREDENTIALS,
* "Invalid format for Authorization header. Expected 'Bearer <token>'"
* );
*/
}
String apiVersion = APIManagetInterceptorUtils.getAPIVersion(request);
dispatcherPath = apiVersion;
// todo get proper version
// handling version for web-application API mgmt
if (!APIManagerInterceptorConstant.DEFAULT_API_VERSION.equals(apiVersion)
|| "".equals(apiVersion)) {
apiVersion = APIManagerInterceptorConstant.DEFAULT_API_VERSION;
} else {
forwardingRequired = true;
}
String domain = request.getHeader(APITokenValidator.getAPIManagerClientDomainHeader());
String authLevel =
authenticator.getResourceAuthenticationScheme(
context, apiVersion, request.getRequestURI(), request.getMethod());
if (authLevel.equals(APIConstants.NO_MATCHING_AUTH_SCHEME)) {
APIManagetInterceptorUtils.handleNoMatchAuthSchemeCallForRestService(
response, request.getMethod(), request.getRequestURI(), apiVersion, context);
return;
} else {
interceptorOps.doAuthenticate(
context,
APIConstants.DEFAULT_VERSION_PREFIX + apiVersion,
accessToken,
authLevel,
domain);
}
} catch (APIManagementException e) {
// ignore
} catch (APIFaultException e) {
/* If !isAuthorized APIFaultException is thrown*/
APIManagetInterceptorUtils.handleAPIFaultForRestService(
e,
APIManagerErrorConstants.API_SECURITY_NS,
APIManagerErrorConstants.API_SECURITY_NS_PREFIX,
response);
return;
}
/* Throttle*/
try {
interceptorOps.doThrottle(request, accessToken);
} catch (APIFaultException e) {
APIManagetInterceptorUtils.handleAPIFaultForRestService(
e,
APIManagerErrorConstants.API_THROTTLE_NS,
APIManagerErrorConstants.API_THROTTLE_NS_PREFIX,
response);
return;
}
/* Publish Statistic if enabled*/
if (statConfiguration.isStatsPublishingEnabled()) {
try {
interceptorOps.publishStatistics(request, requestTime, false);
} catch (APIManagementException e) {
log.error("Error occurred when publishing stats", e);
}
}
}
if (forwardingRequired) {
try {
request
.getRequestDispatcher(
request.getContextPath() + "/services/customers/customerservice/customers/123")
.forward(request, response);
// response.sendRedirect(request.getContextPath() +
// "/services/customers/customerservice/customers/123");
// return;
} catch (ServletException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
// Invoke next valve in pipe.
getNext().invoke(request, response, compositeValve);
// Handle Responses
if (contextExist && statConfiguration.isStatsPublishingEnabled()) {
try {
interceptorOps.publishStatistics(request, requestTime, true);
} catch (APIManagementException e) {
log.error("Error occurred when publishing stats", e);
}
}
}
public void invoke(Request request, Response response, CompositeValve compositeValve) {
String context = request.getContextPath();
if (context == null || context.equals("")) {
// Invoke next valve in pipe.
getNext().invoke(request, response, compositeValve);
return;
}
boolean contextExist;
Boolean contextValueInCache = null;
if (APIUtil.getAPIContextCache().get(context) != null) {
contextValueInCache =
Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString());
}
if (contextValueInCache != null) {
contextExist = contextValueInCache;
} else {
contextExist = ApiMgtDAO.isContextExist(context);
APIUtil.getAPIContextCache().put(context, contextExist);
}
if (!contextExist) {
getNext().invoke(request, response, compositeValve);
return;
}
handleWSDLGetRequest(request, response, compositeValve, context);
long requestTime = System.currentTimeMillis();
APIManagerInterceptorOps interceptorOps = new APIManagerInterceptorOps();
UsageStatConfiguration statConfiguration = new UsageStatConfiguration();
if (contextExist) {
// Use embedded WebApp Management
if (log.isDebugEnabled()) {
log.debug("WebApp Manager Interceptor Valve Got invoked!!");
}
String bearerToken = request.getHeader(APIConstants.OperationParameter.AUTH_PARAM_NAME);
String accessToken = null;
/* Authenticate*/
try {
if (bearerToken != null) {
accessToken = APIManagetInterceptorUtils.getBearerToken(bearerToken);
} else {
// There can be some WebApp published with None Auth Type
/*
* throw new
* APIFaultException(APIConstants.KeyValidationStatus
* .API_AUTH_INVALID_CREDENTIALS,
* "Invalid format for Authorization header. Expected 'Bearer <token>'"
* );
*/
}
String apiVersion = APIManagetInterceptorUtils.getAPIVersion(request);
String domain = request.getHeader(APITokenValidator.getAPIManagerClientDomainHeader());
String authLevel =
authenticator.getResourceAuthenticationScheme(
context, apiVersion, request.getRequestURI(), request.getMethod());
if (authLevel == APIConstants.NO_MATCHING_AUTH_SCHEME) {
APIManagetInterceptorUtils.handleNoMatchAuthSchemeCallForRestService(
response, request.getMethod(), request.getRequestURI(), apiVersion, context);
return;
} else {
interceptorOps.doAuthenticate(context, apiVersion, accessToken, authLevel, domain);
}
} catch (APIManagementException e) {
// ignore
} catch (APIFaultException e) {
/* If !isAuthorized APIFaultException is thrown*/
APIManagetInterceptorUtils.handleAPIFaultForRestService(
e,
APIManagerErrorConstants.API_SECURITY_NS,
APIManagerErrorConstants.API_SECURITY_NS_PREFIX,
response);
return;
}
/* Throttle*/
try {
interceptorOps.doThrottle(request, accessToken);
} catch (APIFaultException e) {
APIManagetInterceptorUtils.handleAPIFaultForRestService(
e,
APIManagerErrorConstants.API_THROTTLE_NS,
APIManagerErrorConstants.API_THROTTLE_NS_PREFIX,
response);
return;
}
/* Publish Statistic if enabled*/
if (statConfiguration.isStatsPublishingEnabled()) {
try {
interceptorOps.publishStatistics(request, requestTime, false);
} catch (APIManagementException e) {
log.error("Error occured when publishing stats", e);
}
}
}
// Invoke next valve in pipe.
getNext().invoke(request, response, compositeValve);
// Handle Responses
if (contextExist && statConfiguration.isStatsPublishingEnabled()) {
try {
interceptorOps.publishStatistics(request, requestTime, true);
} catch (APIManagementException e) {
log.error("Error occured when publishing stats", e);
}
}
}
