Java Code Examples for org.wso2.carbon.apimgt.api.model.API#setEndpointUTPassword()

The following examples show how to use org.wso2.carbon.apimgt.api.model.API#setEndpointUTPassword() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: APIMappingUtil.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
/**
 * Method to set Endpoint Security From APIDTO To API Model
 *
 * @param dto DTO model of the API
 * @param api API
 */
private static void setEndpointSecurityFromApiDTOToModel(APIDTO dto, API api) {
    APIEndpointSecurityDTO securityDTO = dto.getEndpointSecurity();
    if (dto.getEndpointSecurity() != null && securityDTO.getType() != null) {
        api.setEndpointSecured(true);
        api.setEndpointUTUsername(securityDTO.getUsername());
        api.setEndpointUTPassword(securityDTO.getPassword());
        if (APIEndpointSecurityDTO.TypeEnum.digest.equals(securityDTO.getType())) {
            api.setEndpointAuthDigest(true);
        }
    }
}
 
Example 2
Source File: APIExportUtil.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
/**
 * Clean api by removing unnecessary details.
 *
 * @param api API to be exported
 */
private static void cleanApiDataToExport(API api) throws APIManagementException {
    // Thumbnail will be set according to the importing environment. Therefore current URL is removed
    api.setThumbnailUrl(null);
    // WSDL file path will be set according to the importing environment. Therefore current path is removed
    api.setWsdlUrl(null);
    // If Secure Endpoint is enabled and "ExposeEndpointPassword" is 'false' in tenant-conf.json in registry,
    // secure endpoint password is removed, as it causes security issues. Need to add it manually when importing.
    String tenantDomain = MultitenantUtils
            .getTenantDomain(APIUtil.replaceEmailDomainBack(api.getId().getProviderName()));
    if (api.isEndpointSecured() && api.getEndpointUTPassword() != null && !isExposeEndpointPasswordEnabled(
            tenantDomain)) {
        api.setEndpointUTPassword(StringUtils.EMPTY);
    }
}
 
Example 3
Source File: SecurityConfigContextTest.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
@Test
public void testSecurityConfigContext() throws Exception {

    API api = new API(new APIIdentifier("admin", "TestAPI", "1.0.0"));
    api.setStatus(APIConstants.CREATED);
    api.setContextTemplate("/");
    api.setTransports(Constants.TRANSPORT_HTTP);
    api.setEndpointUTUsername("admin");
    api.setEndpointUTPassword("admin123");
    api.setEndpointSecured(true);
    api.setEndpointAuthDigest(true);
    ConfigContext configcontext = new APIConfigContext(api);
    Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
    SecurityConfigContext securityConfigContext =
            new SecurityConfigContextWrapper(configcontext, api, apiManagerConfiguration);
    securityConfigContext.validate();
    VelocityContext velocityContext = securityConfigContext.getContext();
    Assert.assertNotNull(velocityContext.get("endpoint_security"));
    Map<String, EndpointSecurityModel> endpointSecurityModelMap =
            (Map<String, EndpointSecurityModel>) velocityContext.get("endpoint_security");
    for (Map.Entry<String, EndpointSecurityModel> endpointSecurityModelEntry : endpointSecurityModelMap
            .entrySet()) {
        Assert.assertTrue("Property isEndpointSecured cannot be false.",
                endpointSecurityModelEntry.getValue().isEnabled());
        Assert.assertTrue("Property isEndpointAuthDigest cannot be false.",
                endpointSecurityModelEntry.getValue().getType().contains("digest"));
        Assert.assertTrue("Property username does not match.",
                "admin".equals(endpointSecurityModelEntry.getValue().getUsername()));
        Assert.assertTrue("Property base64unpw does not match. ",
                new String(Base64.encodeBase64("admin:admin123".getBytes()))
                        .equalsIgnoreCase(endpointSecurityModelEntry.getValue().getBase64EncodedPassword()));
        Assert.assertTrue("Property securevault_alias does not match.",
                "admin--TestAPI1.0.0".equalsIgnoreCase(endpointSecurityModelEntry.getValue().getAlias()));
    }
    Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ",
            velocityContext.get("isSecureVaultEnabled").equals(true));
}
 
Example 4
Source File: SecurityConfigContextTest.java    From carbon-apimgt with Apache License 2.0 4 votes vote down vote up
@Test
public void testSecurityConfigContextIgnoringEndpointConfig() throws Exception {

    String json = "{\"endpoint_security\":{\n" +
            "  \"sandbox\":{\n" +
            "    \"enabled\":true,\n" +
            "    \"type\":\"DIGEST\",\n" +
            "    \"username\":\"admin\",\n" +
            "    \"password\":\"admin123#QA\"\n" +
            "  }\n" +
            "  }\n" +
            "}";

    API api = new API(new APIIdentifier("admin", "TestAPI", "1.0.0"));
    api.setStatus(APIConstants.CREATED);
    api.setContextTemplate("/");
    api.setTransports(Constants.TRANSPORT_HTTP);
    api.setEndpointConfig(json);
    api.setEndpointUTUsername("admin");
    api.setEndpointUTPassword("admin123");
    api.setEndpointSecured(true);
    api.setEndpointAuthDigest(true);
    ConfigContext configcontext = new APIConfigContext(api);
    Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_SECUREVAULT_ENABLE)).thenReturn("true");
    SecurityConfigContext securityConfigContext =
            new SecurityConfigContextWrapper(configcontext, api, apiManagerConfiguration);
    securityConfigContext.validate();
    VelocityContext velocityContext = securityConfigContext.getContext();
    Assert.assertNotNull(velocityContext.get("endpoint_security"));
    Map<String, EndpointSecurityModel> endpointSecurityModelMap =
            (Map<String, EndpointSecurityModel>) velocityContext.get("endpoint_security");
    for (Map.Entry<String, EndpointSecurityModel> endpointSecurityModelEntry : endpointSecurityModelMap
            .entrySet()) {
        Assert.assertTrue("Property isEndpointSecured cannot be false.",
                endpointSecurityModelEntry.getValue().isEnabled());
        Assert.assertTrue("Property isEndpointAuthDigest cannot be false.",
                endpointSecurityModelEntry.getValue().getType().contains("digest"));
        Assert.assertTrue("Property username does not match.",
                "admin".equals(endpointSecurityModelEntry.getValue().getUsername()));
        Assert.assertTrue("Property base64unpw does not match. ",
                new String(Base64.encodeBase64("admin:admin123".getBytes()))
                        .equalsIgnoreCase(endpointSecurityModelEntry.getValue().getBase64EncodedPassword()));
        Assert.assertTrue("Property securevault_alias does not match.",
                "admin--TestAPI1.0.0".equalsIgnoreCase(endpointSecurityModelEntry.getValue().getAlias()));
    }
    Assert.assertTrue("Property isSecureVaultEnabled cannot be false. ",
            velocityContext.get("isSecureVaultEnabled").equals(true));
}