Java Code Examples for io.swagger.models.Operation#getSecurity()

The following examples show how to use io.swagger.models.Operation#getSecurity().
Example 1
Source File: SwaggerRouter.java    From vertx-swagger with Apache License 2.0
/**
 * Selects the authentication handler for a single operation.
 *
 * <p>Requirements declared on the operation take precedence over those declared on the API.
 * An operation whose security list is present but empty gets no handler and does NOT fall back
 * to the API-level requirements; this mirrors Swagger 2.0, where an empty operation-level list
 * switches the top-level security declaration off for that operation.
 *
 * @param authHandlerFactory factory used to build the handler; when {@code null} no handler is built
 * @param swagger            the API definition, consulted only when the operation declares no security
 * @param operation          the operation being looked at
 * @return the handler built by the factory, or {@code null} when there is no factory or no
 *         requirement applies. NOTE(review): a {@code null} result presumably leaves the operation
 *         without authentication - confirm that the caller treats it that way on purpose.
 */
private static AuthHandler getAuthHandler(SwaggerAuthHandlerFactory authHandlerFactory, Swagger swagger, Operation operation) {
    if (authHandlerFactory == null) {
        return null;
    }

    final List<Map<String, List<String>>> operationLevel = operation.getSecurity();
    if (operationLevel != null) {
        // Present-but-empty means "no security for this operation": no handler, no fallback.
        return operationLevel.isEmpty() ? null : authHandlerFactory.createAuthHandler(operationLevel);
    }

    if (swagger.getSecurity() == null || swagger.getSecurity().isEmpty()) {
        return null;
    }

    // The operation is silent about security, so it inherits the API-level requirements.
    final List<Map<String, List<String>>> apiLevel = swagger.getSecurity().stream()
            .map(SecurityRequirement::getRequirements)
            .collect(Collectors.toList());
    return authHandlerFactory.createAuthHandler(apiLevel);
}
 
Example 2
Source File: ApiGatewaySdkSwaggerApiImporter.java    From aws-apigateway-importer with Apache License 2.0
/**
 * Tells whether an operation references the API's {@code apiKey} security definition.
 *
 * <p>The operation's own security list is checked first; the API-level requirements are used
 * only when the operation declares no security list at all. An operation with a present but
 * empty list therefore yields {@code false} without consulting the API level.
 *
 * @param op the operation to inspect
 * @return {@code true} when a requirement names the apiKey definition, {@code false} otherwise
 *         (including when the API declares no security definitions or none of type apiKey)
 */
private Boolean isApiKeyRequired(Operation op) {
    final Map<String, SecuritySchemeDefinition> definitions = swagger.getSecurityDefinitions();
    if (definitions == null) {
        return false;
    }

    // NOTE(review): only the FIRST definition of type "apiKey" is taken. If the API declares
    // several, an operation that references one of the others is reported as not requiring a
    // key - confirm that a single apiKey definition is guaranteed upstream.
    // NOTE(review): getType() is dereferenced directly, so a definition without a type fails
    // here with a NullPointerException rather than being skipped.
    String firstApiKeyName = null;
    boolean apiKeyDeclared = false;
    for (Map.Entry<String, SecuritySchemeDefinition> definition : definitions.entrySet()) {
        if (definition.getValue().getType().equals("apiKey")) {
            firstApiKeyName = definition.getKey();
            apiKeyDeclared = true;
            break;
        }
    }
    if (!apiKeyDeclared) {
        return false;
    }

    final String apiKeyName = firstApiKeyName;
    if (op.getSecurity() != null) {
        // Operation-level security overrides the API level, even when the list is empty.
        return op.getSecurity().stream().anyMatch(requirement -> requirement.containsKey(apiKeyName));
    }
    if (swagger.getSecurityRequirement() != null) {
        return swagger.getSecurityRequirement().stream()
                .anyMatch(requirement -> requirement.getName().equals(apiKeyName));
    }
    return false;
}
 
Example 3
Source File: OAS2Parser.java    From carbon-apimgt with Apache License 2.0
/**
 * Looks up the scopes an operation declares for one security scheme.
 *
 * <p>The operation's security requirements are scanned in order and the scope list of the first
 * requirement that carries {@code oauth2SchemeKey} is returned; later requirements with the same
 * key are not consulted. When no requirement carries the key (or the operation has no security
 * list), the result comes from {@code getScopeOfOperationsFromExtensions(operation)}.
 *
 * <p>The list returned from a requirement is the instance stored in the operation, not a copy,
 * so a caller that modifies it also modifies the operation's security requirement.
 *
 * @param oauth2SchemeKey OAuth2 security element key
 * @param operation       Swagger path operation
 * @return scopes found for the key, or whatever the extension-based lookup returns
 */
private List<String> getScopeOfOperations(String oauth2SchemeKey, Operation operation) {
    List<Map<String, List<String>>> requirements = operation.getSecurity();
    if (requirements == null) {
        return getScopeOfOperationsFromExtensions(operation);
    }
    for (Map<String, List<String>> requirement : requirements) {
        List<String> scopes = requirement.get(oauth2SchemeKey);
        if (scopes != null) {
            return scopes;
        }
    }
    return getScopeOfOperationsFromExtensions(operation);
}
 
Example 4
Source File: OAS2Parser.java    From carbon-apimgt with Apache License 2.0
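/**
 * Update OAS operations for Store.
 *
 * <p>For every operation that has vendor extensions this removes the mediation-script extension
 * and, when the scopes extension is present, makes sure the scope it names appears under the
 * default security scheme in the operation's security requirements.
 *
 * <p>Changes compared with the earlier version of this method:
 * <ul>
 *   <li>A definition without paths is left untouched instead of failing with a
 *       NullPointerException.</li>
 *   <li>An operation with no security requirement used to end up with an empty security list and
 *       no scope at all. In Swagger 2.0 an empty operation-level list removes the top-level
 *       security declaration, so the published definition described a scoped operation as
 *       unsecured. A requirement carrying the scope is now added instead.</li>
 * </ul>
 *
 * @param swagger Swagger to be updated
 */
private void updateOperations(Swagger swagger) {
    Map<String, Path> paths = swagger.getPaths();
    if (paths == null) {
        // No "paths" section means there are no operations to update.
        return;
    }
    for (Path path : paths.values()) {
        if (path == null) {
            continue;
        }
        for (Operation operation : path.getOperationMap().values()) {
            Map<String, Object> extensions = operation.getVendorExtensions();
            if (extensions == null) {
                continue;
            }
            // remove mediation extension (remove() is a no-op when the key is absent)
            extensions.remove(APIConstants.SWAGGER_X_MEDIATION_SCRIPT);

            // set x-scope value to security definition if it is not there
            if (!extensions.containsKey(APIConstants.SWAGGER_X_WSO2_SCOPES)) {
                continue;
            }
            String scope = (String) extensions.get(APIConstants.SWAGGER_X_WSO2_SCOPES);
            List<Map<String, List<String>>> security = operation.getSecurity();
            if (security == null) {
                security = new ArrayList<>();
                operation.setSecurity(security);
            }
            if (security.isEmpty()) {
                // Never leave an empty list behind for a scoped operation: an empty list reads
                // as "no security required" and would override the API-level declaration.
                Map<String, List<String>> scopedRequirement = new HashMap<>();
                scopedRequirement.put(APIConstants.SWAGGER_APIM_DEFAULT_SECURITY,
                        Collections.singletonList(scope));
                security.add(scopedRequirement);
                continue;
            }
            for (Map<String, List<String>> requirement : security) {
                List<String> declared = requirement.get(APIConstants.SWAGGER_APIM_DEFAULT_SECURITY);
                if (declared == null || !declared.contains(scope)) {
                    // NOTE(review): this replaces the scope list, dropping any scopes that were
                    // declared before - confirm the extension is meant to be authoritative.
                    requirement.put(APIConstants.SWAGGER_APIM_DEFAULT_SECURITY,
                            Collections.singletonList(scope));
                }
            }
        }
    }
}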
 
Example 5
Source File: OAS2Parser.java    From carbon-apimgt with Apache License 2.0
/**
 * Writes the managed settings of an API resource onto its Swagger operation: auth type,
 * throttling tier, the optional AWS Lambda ARN and timeout, and the scopes required under the
 * default security scheme.
 *
 * <p>Scope handling: the first security requirement that already carries the default scheme key
 * has its scope list replaced with the resource's scope keys and the method returns. When no
 * requirement carries the key, a new requirement is appended. A resource without scopes results
 * in the scheme being listed with an empty scope list, so the operation still names the scheme.
 *
 * @param resource  API resource data
 * @param operation swagger operation
 */
private void updateOperationManagedInfo(SwaggerData.Resource resource, Operation operation) {
    String resolvedAuthType = resource.getAuthType();
    // Three independent checks, applied in this order; an unrecognised value is written as-is.
    if (APIConstants.AUTH_APPLICATION_OR_USER_LEVEL_TOKEN.equals(resolvedAuthType)) {
        resolvedAuthType = APIConstants.OASResourceAuthTypes.APPLICATION_OR_APPLICATION_USER;
    }
    if (APIConstants.AUTH_APPLICATION_USER_LEVEL_TOKEN.equals(resolvedAuthType)) {
        resolvedAuthType = APIConstants.OASResourceAuthTypes.APPLICATION_USER;
    }
    if (APIConstants.AUTH_APPLICATION_LEVEL_TOKEN.equals(resolvedAuthType)) {
        resolvedAuthType = APIConstants.OASResourceAuthTypes.APPLICATION;
    }
    operation.setVendorExtension(APIConstants.SWAGGER_X_AUTH_TYPE, resolvedAuthType);
    operation.setVendorExtension(APIConstants.SWAGGER_X_THROTTLING_TIER, resource.getPolicy());

    // AWS Lambda: copy ARN and timeout to the operation only when the resource sets them
    if (resource.getAmznResourceName() != null) {
        operation.setVendorExtension(APIConstants.SWAGGER_X_AMZN_RESOURCE_NAME, resource.getAmznResourceName());
    }
    if (resource.getAmznResourceTimeout() != 0) {
        operation.setVendorExtension(APIConstants.SWAGGER_X_AMZN_RESOURCE_TIMEOUT, resource.getAmznResourceTimeout());
    }

    updateLegacyScopesFromOperation(resource, operation);

    final String schemeKey = APIConstants.SWAGGER_APIM_DEFAULT_SECURITY;
    List<Map<String, List<String>>> requirements = operation.getSecurity();
    if (requirements == null) {
        requirements = new ArrayList<>();
        operation.setSecurity(requirements);
    }

    // Read the scopes only after the legacy-scope update above has run.
    final List<String> scopeKeys = resource.getScopes().isEmpty()
            ? Collections.emptyList()
            : resource.getScopes().stream().map(Scope::getKey).collect(Collectors.toList());

    for (Map<String, List<String>> requirement : requirements) {
        if (requirement.get(schemeKey) != null) {
            // Only the first requirement that names the scheme is rewritten.
            requirement.put(schemeKey, scopeKeys);
            return;
        }
    }

    // No requirement names the scheme yet: append one.
    Map<String, List<String>> defaultRequirement = new HashMap<>();
    defaultRequirement.put(schemeKey, scopeKeys);
    requirements.add(defaultRequirement);
}
 
Example 6
Source File: OAS2Parser.java    From carbon-apimgt with Apache License 2.0
/**
 * Appends, to every operation whose HTTP method is listed in APIConstants.SUPPORTED_METHODS, one
 * additional security requirement under SWAGGER_SECURITY_SCHEMA_KEY. Its scope list starts with
 * the scopes found for that key and, when the operation already has at least one security
 * requirement, is extended with the scopes found under the schemes returned by getOtherSchemes().
 *
 * NOTE(review): the requirement is added on every call, so calling this twice on the same
 * definition leaves two such requirements on each operation.
 * NOTE(review): every operation gets setSecurity(...) called, including those whose method is not
 * supported; an operation that had no security list ends up with an empty one. Confirm this is
 * intended, since elsewhere an empty operation-level list is read as "no security required".
 *
 * @param swagger Swagger definition to update (modified in place)
 * @return the same Swagger instance that was passed in
 * @throws APIManagementException presumably raised by getOtherSchemes() - verify
 */
private Swagger injectOtherResourceScopesToDefaultScheme(Swagger swagger) throws APIManagementException {
    List<String> schemes = getOtherSchemes();

    // NOTE(review): getPaths() is dereferenced without a null check.
    Map<String, Path> paths = swagger.getPaths();
    for (String pathKey : paths.keySet()) {
        Path pathItem = paths.get(pathKey);
        Map<HttpMethod, Operation> operationsMap = pathItem.getOperationMap();
        for (Map.Entry<HttpMethod, Operation> entry : operationsMap.entrySet()) {
            HttpMethod httpMethod = entry.getKey();
            Operation operation = entry.getValue();
            Map<String, List<String>> updatedDefaultSecurityRequirement = new HashMap<>();
            List<Map<String, List<String>>> securityRequirements = operation.getSecurity();
            if (securityRequirements == null) {
                securityRequirements = new ArrayList<>();
            }
            if (APIConstants.SUPPORTED_METHODS.contains(httpMethod.name().toLowerCase())) {
                // Copy the scopes into a fresh list so the merge below does not alter the list
                // held by the existing requirement.
                List<String> opScopesDefault = new ArrayList<>();
                List<String> opScopesDefaultInstance = getScopeOfOperations(SWAGGER_SECURITY_SCHEMA_KEY, operation);
                if (opScopesDefaultInstance != null) {
                    opScopesDefault.addAll(opScopesDefaultInstance);
                }
                updatedDefaultSecurityRequirement.put(SWAGGER_SECURITY_SCHEMA_KEY, opScopesDefault);
                // The loop variable "input" is not used: the body runs once per existing
                // requirement and not at all when the operation has none, in which case the
                // scopes of the other schemes are not merged.
                for (Map<String, List<String>> input : securityRequirements) {
                    for (String scheme : schemes) {
                        if (!SWAGGER_SECURITY_SCHEMA_KEY.equals(scheme)) {
                            List<String> opScopesOthers = getScopeOfOperations(scheme, operation);
                            if (opScopesOthers != null) {
                                // Union without duplicates, keeping first-seen order.
                                for (String scope : opScopesOthers) {
                                    if (!opScopesDefault.contains(scope)) {
                                        opScopesDefault.add(scope);
                                    }
                                }
                            }
                        }
                        updatedDefaultSecurityRequirement.put(SWAGGER_SECURITY_SCHEMA_KEY, opScopesDefault);
                    }
                }
                // Added as a further entry; existing requirements are left as they are.
                securityRequirements.add(updatedDefaultSecurityRequirement);
            }
            operation.setSecurity(securityRequirements);
            // Writes back the same operation under the same key.
            entry.setValue(operation);
            operationsMap.put(httpMethod, operation);
        }
        paths.put(pathKey, pathItem);
    }
    swagger.setPaths(paths);
    return swagger;
}