diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 17af6d365758..8b7bb84f326b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -12,7 +12,7 @@ on: permissions: contents: read # to fetch code (actions/checkout) concurrency: - group: ${{ github.event.number }} + group: ${{ github.event.number || github.run_id }} cancel-in-progress: true jobs: build-carbon: @@ -170,4 +170,4 @@ jobs: fetch-depth: '10' path: product-apim - name: Build product-apim with tests - run: mvn clean install -Dcarbon.apimgt.version=$(cat ../CARBON_APIMGT_VERSION_FILE) -fae --file product-apim/pom.xml -DskipIntegrationTests \ No newline at end of file + run: mvn clean install -Dcarbon.apimgt.version=$(cat ../CARBON_APIMGT_VERSION_FILE) -fae --file product-apim/pom.xml -DskipIntegrationTests diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index b4a0541091d2..284b008998ee 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml 
@@ -27,25 +27,31 @@ jobs: with: java-version: 11.0.16+8 distribution: 'temurin' - - uses: actions/setup-node@v3 - with: - node-version: '14.x' - name: Cache Maven packages uses: actions/cache@v3 with: path: ~/.m2 key: ${{ runner.os }}-m2 restore-keys: ${{ runner.os }}-m2 - + - name: Build carbon-apimgt with Tests, skipping AspectJ + run: mvn clean install --file pom.xml -Dskip.aspectj=true -Dmaven.test.skip=true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + - name: Set up JDK 17 + uses: actions/setup-java@v2 + with: + java-version: 17 + distribution: 'temurin' - name: Cache SonarCloud packages - uses: actions/cache@v1 + uses: actions/cache@v3 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - - name: Build carbon-apimgt with Tests, skipping AspectJ - run: mvn clean install sonar:sonar --file pom.xml -Dskip.aspectj=true -Dmaven.test.skip=true + - name: run sonar scan + run: mvn sonar:sonar --file pom.xml -Dskip.aspectj=true -Dmaven.test.skip=true env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/components/apimgt/org.wso2.carbon.apimgt.api/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.api/pom.xml index ee9b4e5ed0e2..0af7e4a47faa 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.api/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.api/pom.xml @@ -11,7 +11,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/APIManager.java b/components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/APIManager.java index 94ed069bbc9c..05544baf910c 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/APIManager.java +++ b/components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/APIManager.java 
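Review bot: The new `Build carbon-apimgt with Tests, skipping AspectJ` step still receives `SONAR_TOKEN` and `GITHUB_TOKEN` in its `env:` block, although after the split it only runs `mvn clean install` and no longer invokes `sonar:sonar`. Every Maven plugin and build script executed by that step can read both secrets, so unless the build needs them, drop the `env:` block there and keep the tokens only on the `run sonar scan` step. The added `uses: actions/setup-java@v2` is referenced by a mutable tag; pinning it (and `actions/cache@v3`) to a full commit SHA would keep a retagged release from running in a job that holds these secrets. The workflow's triggers are outside the hunk, so whether fork pull requests reach this job cannot be confirmed from here.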
@@ -519,8 +519,8 @@ List getResourcesOfAPIProduct(APIProductIdentifier productId * @return * @throws APIManagementException */ - Map searchPaginatedAPIs(String searchQuery, String organization, int start, int end, - String sortBy, String sortOrder) throws APIManagementException; + Map searchPaginatedAPIs(String searchQuery, String organization, int start, int end) + throws APIManagementException; /** * Search in content of apis, api products and documents and provide the results diff --git a/components/apimgt/org.wso2.carbon.apimgt.broker.lifecycle/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.broker.lifecycle/pom.xml index b0304a8624e0..c92c4a1766b3 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.broker.lifecycle/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.broker.lifecycle/pom.xml @@ -4,7 +4,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.cache.invalidation/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.cache.invalidation/pom.xml index 2e08dea18228..b4d5490acfa0 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.cache.invalidation/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.cache.invalidation/pom.xml @@ -19,7 +19,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT 4.0.0 diff --git a/components/apimgt/org.wso2.carbon.apimgt.cleanup.service/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.cleanup.service/pom.xml index 7ff6ed468982..a29b19b2f9d7 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.cleanup.service/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.cleanup.service/pom.xml @@ -19,7 +19,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.common.analytics/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.common.analytics/pom.xml index c4235060d8bc..537f5499523e 100644 
--- a/components/apimgt/org.wso2.carbon.apimgt.common.analytics/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.common.analytics/pom.xml @@ -3,7 +3,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 4.0.0 diff --git a/components/apimgt/org.wso2.carbon.apimgt.common.gateway/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.common.gateway/pom.xml index aa7e1b988de9..74edd65d0ce1 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.common.gateway/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.common.gateway/pom.xml @@ -3,7 +3,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 4.0.0 diff --git a/components/apimgt/org.wso2.carbon.apimgt.common.jms/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.common.jms/pom.xml index 9943548400a9..659c24c59c53 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.common.jms/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.common.jms/pom.xml @@ -4,7 +4,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 4.0.0 diff --git a/components/apimgt/org.wso2.carbon.apimgt.core/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.core/pom.xml index 8c5930374918..fffceac67b77 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.core/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.core/pom.xml @@ -5,7 +5,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.devops.impl/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.devops.impl/pom.xml index bfac3c53d648..45b2fecfaa1d 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.devops.impl/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.devops.impl/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 
diff --git a/components/apimgt/org.wso2.carbon.apimgt.eventing.hub/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.eventing.hub/pom.xml index cd69c4eb455f..f55b57f294df 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.eventing.hub/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.eventing.hub/pom.xml @@ -20,7 +20,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.eventing/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.eventing/pom.xml index d2d6c46b513e..3fc62b415e0f 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.eventing/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.eventing/pom.xml @@ -20,7 +20,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.gateway/pom.xml index 8b5990d303c5..2c242c507a31 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/pom.xml @@ -19,7 +19,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java index ddb717129898..9d9e180f15d2 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java 
@@ -46,6 +46,7 @@ import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder; import org.wso2.carbon.apimgt.gateway.service.APIGatewayAdmin; import org.wso2.carbon.apimgt.impl.APIConstants; +import org.wso2.carbon.apimgt.impl.dto.ExtendedJWTConfigurationDto; import org.wso2.carbon.apimgt.impl.dto.GatewayArtifactSynchronizerProperties; import org.wso2.carbon.apimgt.impl.dto.GatewayCleanupSkipList; import org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.ArtifactRetriever; @@ -210,7 +211,11 @@ public boolean deployAllAPIs(Set assignedGatewayLabels, String tenantDom if (!redeployChangedAPIs) { try { - deployJWKSSynapseAPI(tenantDomain); // Deploy JWKS API + boolean isJWKSApiEnabled = ServiceReferenceHolder + .getInstance().getAPIManagerConfiguration().getJwtConfigurationDto().isJWKSApiEnabled(); + if(isJWKSApiEnabled) { + deployJWKSSynapseAPI(tenantDomain); // Deploy JWKS API + } if (APIConstants.SUPER_TENANT_DOMAIN.equalsIgnoreCase(tenantDomain)) { deployHealthCheckSynapseAPI(tenantDomain); // Deploy HealthCheck API for the super tenant } diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandler.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandler.java index 0a72bdd9da32..8b341dc2a90d 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandler.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandler.java 
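Review bot: The flag lookup added to `deployAllAPIs` dereferences `getAPIManagerConfiguration()` and `getJwtConfigurationDto()` without a null check, and the same chain is repeated in `DefaultAPIHandler.handleRequestInFlow`. If either getter can return null while the gateway is starting, this throws a NullPointerException; the `catch` belonging to the enclosing `try` is outside the hunk, so how that would be handled is not visible. A single static helper that returns a documented default when the configuration is missing would remove the duplication and make the fail-open or fail-closed choice explicit. Two smaller points: `if(isJWKSApiEnabled) {` should be `if (isJWKSApiEnabled) {`, and the newly imported `ExtendedJWTConfigurationDto` is not referenced in the visible hunks.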
@@ -28,7 +28,9 @@ import org.wso2.carbon.apimgt.api.APIManagementException; import org.wso2.carbon.apimgt.common.gateway.constants.HealthCheckConstants; import org.wso2.carbon.apimgt.common.gateway.constants.JWTConstants; +import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants; import org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer; +import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder; import org.wso2.carbon.apimgt.gateway.utils.GatewayUtils; import org.wso2.carbon.apimgt.impl.APIConstants; import org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.exception.ArtifactSynchronizerException; @@ -62,7 +64,10 @@ public boolean handleRequestInFlow(MessageContext messageContext) { } } - if (isJWKSEndpoint) { + boolean isJWKSApiEnabled = ServiceReferenceHolder + .getInstance().getAPIManagerConfiguration().getJwtConfigurationDto().isJWKSApiEnabled(); + + if (isJWKSEndpoint && isJWKSApiEnabled) { try { InMemoryAPIDeployer.deployJWKSSynapseAPI(tenantDomain); } catch(APIManagementException e){ @@ -84,6 +89,7 @@ public boolean handleRequestInFlow(MessageContext messageContext) { String selectedPath = selectedAPIS.firstKey(); API selectedAPI = selectedAPIS.get(selectedPath); if (selectedAPI != null) { + messageContext.setProperty(APIMgtGatewayConstants.API_OBJECT, selectedAPI); if (GatewayUtils.isOnDemandLoading()) { if (!selectedAPI.isDeployed()) { synchronized ("LoadAPI_".concat(selectedAPI.getContext()).intern()) { diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/Utils.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/Utils.java index 11b5906dfcb4..c7a7c58bfd0c 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/Utils.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/Utils.java 
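Review bot: `isJWKSApiEnabled` is resolved on every call to `handleRequestInFlow`, ahead of the `isJWKSEndpoint` test, although the value matters only for JWKS requests. Moving the lookup behind the short-circuit, e.g. `if (isJWKSEndpoint && isJWKSApiEnabled()) {` with the chain in a small private method, keeps ordinary traffic off that path. When the flag is off, a JWKS request now falls through to the API selection further down. That code continues outside the hunk, so a comment stating the intended response for a disabled JWKS endpoint (presumably resource-not-found) would help the next reader.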
@@ -79,7 +79,21 @@ import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; -import java.util.*; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collection; +import java.util.Collections; +import java.util.Comparator; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.LinkedHashSet; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.TreeMap; import javax.cache.Caching; import javax.xml.namespace.QName; 
@@ -822,17 +836,19 @@ public static API getAPIByContext(MessageContext messageContext) { */ public static Set getAcceptableResources(Resource[] allAPIResources, String httpMethod, String corsRequestMethod) { - Set acceptableResources = new LinkedHashSet<>(); + List acceptableResourcesList = new LinkedList<>(); for (Resource resource : allAPIResources) { //If the requesting method is OPTIONS or if the Resource contains the requesting method - String [] resourceMethods = resource.getMethods(); - if ((RESTConstants.METHOD_OPTIONS.equals(httpMethod) && resourceMethods != null - && Arrays.asList(resourceMethods).contains(corsRequestMethod)) - || (resourceMethods != null && Arrays.asList(resourceMethods).contains(httpMethod))) { - acceptableResources.add(resource); + if (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod) && + RESTConstants.METHOD_OPTIONS.equals(httpMethod)) { + acceptableResourcesList.add(0, resource); + } else if ((RESTConstants.METHOD_OPTIONS.equals(httpMethod) && resource.getMethods() != null && + Arrays.asList(resource.getMethods()).contains(corsRequestMethod)) || + (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod))) { + acceptableResourcesList.add(resource); } } - return acceptableResources; + return new LinkedHashSet<>(acceptableResourcesList); } /** diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/Constants.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/Constants.java index 137bdbd8f940..554d5bfd3c12 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/Constants.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/Constants.java 
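Review bot: In `getAcceptableResources`, each resource that declares OPTIONS explicitly is inserted with `acceptableResourcesList.add(0, resource)`, so when an API has more than one such resource they end up in reverse declaration order. If the dispatchers take the first match from the returned set, that can change which resource wins. The same `add(0, …)` pattern is added to `APIKeyValidator.findMatchingVerb` in this commit. The rewrite also calls `resource.getMethods()` up to six times per iteration where the removed code read it once into `resourceMethods`. Collecting the explicit-OPTIONS resources in their own list and appending the rest keeps declaration order inside each group. The generic parameters below are assumed, since the page has lost the angle brackets.

```java
List<Resource> explicitOptionsResources = new ArrayList<>();
List<Resource> otherResources = new ArrayList<>();
boolean isOptionsRequest = RESTConstants.METHOD_OPTIONS.equals(httpMethod);
for (Resource resource : allAPIResources) {
    String[] resourceMethods = resource.getMethods();
    if (resourceMethods == null) {
        continue;
    }
    List<String> methods = Arrays.asList(resourceMethods);
    if (isOptionsRequest && methods.contains(httpMethod)) {
        // Resource declares OPTIONS itself: it must be tried before CORS fallbacks.
        explicitOptionsResources.add(resource);
    } else if ((isOptionsRequest && methods.contains(corsRequestMethod)) || methods.contains(httpMethod)) {
        otherResources.add(resource);
    }
}
Set<Resource> acceptableResources = new LinkedHashSet<>(explicitOptionsResources);
acceptableResources.addAll(otherResources);
return acceptableResources;
```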
@@ -63,6 +63,7 @@ public static final class ERROR_CODE_RANGES { public static final int RESOURCE_NOT_FOUND_ERROR_CODE = 404; public static final int METHOD_NOT_ALLOWED_ERROR_CODE = 405; public static final int ENDPOINT_SUSPENDED_ERROR_CODE = 303001; + public static final int RESOURCE_NOT_FOUND_APIM_ERROR_CODE = 900906; public static final int WS_BAD_GATEWAY_ERROR_CODE = 1014; diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/FaultCodeClassifier.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/FaultCodeClassifier.java index 174d2d327e55..3735b601b2c1 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/FaultCodeClassifier.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/FaultCodeClassifier.java @@ -141,7 +141,8 @@ public boolean isResourceNotFound() { if (messageContext.getPropertyKeySet().contains(SynapseConstants.ERROR_CODE)) { int errorCode = (int) messageContext.getProperty(SynapseConstants.ERROR_CODE); return messageContext.getPropertyKeySet().contains(RESTConstants.PROCESSED_API) - && errorCode == Constants.RESOURCE_NOT_FOUND_ERROR_CODE; + && (errorCode == Constants.RESOURCE_NOT_FOUND_ERROR_CODE + || errorCode == Constants.RESOURCE_NOT_FOUND_APIM_ERROR_CODE); } return false; } diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/SynapseAnalyticsDataProvider.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/SynapseAnalyticsDataProvider.java index 8fbcf6c225c5..6042ce7f9787 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/SynapseAnalyticsDataProvider.java 
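Review bot: `RESOURCE_NOT_FOUND_APIM_ERROR_CODE = 900906` is added without a comment, and the reason it needs special handling only becomes apparent from the later `isAuthFaultRequest` hunk in `SynapseAnalyticsDataProvider`, which has to exclude it from the auth-failure range. A comment on the constant such as `// Resource-not-found code raised by the APIM handlers; numerically inside the auth-failure range, so classifiers must test for it explicitly` would document that coupling. In `isResourceNotFound` and `isAuthFaultRequest` a short note that the two conditions must stay in step would help as well. Otherwise a future change to either one could silently reclassify these faults in analytics, which matters if auth-failure counts feed alerting.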
+++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/SynapseAnalyticsDataProvider.java @@ -522,7 +522,8 @@ private boolean isAuthFaultRequest() { int errorCode = getErrorCode(); return errorCode >= Constants.ERROR_CODE_RANGES.AUTH_FAILURE_START - && errorCode < Constants.ERROR_CODE_RANGES.AUTH_FAILURE__END; + && errorCode < Constants.ERROR_CODE_RANGES.AUTH_FAILURE__END + && errorCode != Constants.RESOURCE_NOT_FOUND_APIM_ERROR_CODE; } private boolean isThrottledFaultRequest() { diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/common/APIMgtLatencyStatsHandler.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/common/APIMgtLatencyStatsHandler.java index 4b06dc73f491..7fb83493a898 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/common/APIMgtLatencyStatsHandler.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/common/APIMgtLatencyStatsHandler.java @@ -131,7 +131,9 @@ private void setSwaggerToMessageContext(MessageContext messageContext) { swagger = localEntryObj.getValue().toString(); OpenAPIParser parser = new OpenAPIParser(); ParseOptions parseOptions = new ParseOptions(); + parseOptions.setResolve(true); parseOptions.setResolveFully(true); + parseOptions.setResolveCombinators(false); openAPI = parser.readContents(swagger, null, parseOptions).getOpenAPI(); // HTTP headers should be case insensitive as for HTTP 1.1 RFC // Thus converting headers to lowercase for schema validation. 
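Review bot: `parseOptions.setResolve(true)` in `setSwaggerToMessageContext` asks the parser to follow `$ref` targets, and as far as I can tell that includes remote URLs. The definition is read from a local entry, so an API definition that carries an external reference would make the gateway issue outbound requests while parsing. Please confirm that definitions are stored with references already inlined at publish time, or restrict remote resolution to an allow-list if the parser version in use supports one. The three option calls would also benefit from a comment explaining why combinators are left unresolved, for example `// keep allOf/oneOf/anyOf as written so schema validation sees the original composition`, adjusted to the actual reason. The method body continues outside the hunk.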
diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/APIKeyValidator.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/APIKeyValidator.java index e83d6e71833b..b7884651ac12 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/APIKeyValidator.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/APIKeyValidator.java @@ -59,6 +59,7 @@ import java.util.Arrays; import java.util.LinkedHashMap; import java.util.LinkedHashSet; +import java.util.LinkedList; import java.util.List; import java.util.Map; import java.util.Set; @@ -399,16 +400,21 @@ public List findMatchingVerb(MessageContext synCtx) throws Resource if (selectedApi != null) { Resource[] selectedAPIResources = selectedApi.getResources(); - Set acceptableResources = new LinkedHashSet(); + List acceptableResourcesList = new LinkedList<>(); for (Resource resource : selectedAPIResources) { //If the requesting method is OPTIONS or if the Resource contains the requesting method - if (RESTConstants.METHOD_OPTIONS.equals(httpMethod) || + if (RESTConstants.METHOD_OPTIONS.equals(httpMethod) && (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod))) { - acceptableResources.add(resource); + acceptableResourcesList.add(0, resource); + } else if (RESTConstants.METHOD_OPTIONS.equals(httpMethod) || + (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod))) { + acceptableResourcesList.add(resource); } } + Set acceptableResources = new LinkedHashSet<>(acceptableResourcesList); + if (acceptableResources.size() > 0) { for (RESTDispatcher dispatcher : RESTUtils.getDispatchers()) { Resource resource = dispatcher.findResource(synCtx, acceptableResources); 
@@ -743,9 +749,9 @@ public APIKeyValidationInfoDTO validateSubscription(String context, String versi } public APIKeyValidationInfoDTO validateSubscription(String context, String version, int appID, - String tenantDomain) + String tenantDomain, String keyType) throws APISecurityException { - return dataStore.validateSubscription(context, version, appID,tenantDomain); + return dataStore.validateSubscription(context, version, appID,tenantDomain, keyType); } /** diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyDataStore.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyDataStore.java index 4a4d5adef1f3..043132176e2f 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyDataStore.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyDataStore.java @@ -107,7 +107,7 @@ APIKeyValidationInfoDTO validateSubscription(String context, String version, Str * @return an APIKeyValidationInfoDTO instance containing key validation data * @throws org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException on error */ - APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId, String tenantDomain) + APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId, String tenantDomain, String keyType) throws APISecurityException; /** * Validate scopes bound to the resource of the API being invoked against the scopes of the token. 
diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyValidatorClient.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyValidatorClient.java index 1f69d5d08f09..87d71ac2a1ed 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyValidatorClient.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyValidatorClient.java @@ -76,12 +76,12 @@ public APIKeyValidationInfoDTO validateSubscription(String context, String versi } public APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId, - String tenantDomain) + String tenantDomain, String keyType) throws APISecurityException { try { return apiKeyValidationService - .validateSubscription(context, version, appId, tenantDomain); + .validateSubscription(context, version, appId, tenantDomain, keyType); } catch (APIKeyMgtException | APIManagementException e) { log.error("Error while validate subscriptions", e); throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/WSAPIKeyDataStore.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/WSAPIKeyDataStore.java index dfc1ba7d8ee3..3efc29661240 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/WSAPIKeyDataStore.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/WSAPIKeyDataStore.java 
@@ -107,11 +107,11 @@ public APIKeyValidationInfoDTO validateSubscription(String context, String versi @Override public APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId, - String tenantDomain) + String tenantDomain, String keyType) throws APISecurityException { APIKeyValidatorClient client = new APIKeyValidatorClient(); try { - return client.validateSubscription(context, version, appId, tenantDomain); + return client.validateSubscription(context, version, appId, tenantDomain, keyType); } catch (APISecurityException ex) { throw new APISecurityException(ex.getErrorCode(), "Resource forbidden", ex); diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/utils/GatewayUtils.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/utils/GatewayUtils.java index 9879f7de129b..750e247e7bb4 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/utils/GatewayUtils.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/utils/GatewayUtils.java @@ -796,6 +796,7 @@ public static JSONObject validateAPISubscription(String apiContext, String apiVe APIKeyValidator apiKeyValidator = new APIKeyValidator(); APIKeyValidationInfoDTO apiKeyValidationInfoDTO = null; JSONObject application; + String keyType = (String) payload.getClaim(APIConstants.JwtTokenConstants.KEY_TYPE); int appId = 0; if (payload.getClaim(APIConstants.JwtTokenConstants.APPLICATION) != null) { try { 
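Review bot: In `GatewayUtils.validateAPISubscription`, `String keyType = (String) payload.getClaim(APIConstants.JwtTokenConstants.KEY_TYPE);` is an unchecked cast of a token claim, and the value is then forwarded unvalidated to `validateSubscription`; the second overload's hunk does the same. A token whose claim is absent passes `null` down the whole chain, and a non-string claim raises a ClassCastException rather than an `APISecurityException`. The data-store implementation is not on this page, so how it treats a null or unexpected key type (reject, or skip the key-type match) cannot be confirmed. Check the claim with `instanceof String` and reject anything other than the expected key-type values before calling the validator. The new `keyType` parameter is also missing from the `APIKeyDataStore.validateSubscription` Javadoc, which should say whether null is permitted.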
@@ -813,7 +814,7 @@ public static JSONObject validateAPISubscription(String apiContext, String apiVe // if the appId is equal to 0 then it's a internal key if (appId != 0) { apiKeyValidationInfoDTO = - apiKeyValidator.validateSubscription(apiContext, apiVersion, appId, getTenantDomain()); + apiKeyValidator.validateSubscription(apiContext, apiVersion, appId, getTenantDomain(), keyType); } if (payload.getClaim(APIConstants.JwtTokenConstants.SUBSCRIBED_APIS) != null) { @@ -887,6 +888,7 @@ public static APIKeyValidationInfoDTO validateAPISubscription(String apiContext, APIKeyValidator apiKeyValidator = new APIKeyValidator(); APIKeyValidationInfoDTO apiKeyValidationInfoDTO = null; + String keyType = (String) payload.getClaim(APIConstants.JwtTokenConstants.KEY_TYPE); int appId = 0; if (payload.getClaim(APIConstants.JwtTokenConstants.APPLICATION) != null) { try { @@ -904,13 +906,12 @@ public static APIKeyValidationInfoDTO validateAPISubscription(String apiContext, // if the appId is equal to 0 then it's a internal key if (appId != 0) { apiKeyValidationInfoDTO = - apiKeyValidator.validateSubscription(apiContext, apiVersion, appId, getTenantDomain()); + apiKeyValidator.validateSubscription(apiContext, apiVersion, appId, getTenantDomain(), keyType); if (apiKeyValidationInfoDTO.isAuthorized()) { if (log.isDebugEnabled()) { log.debug("User is subscribed to the API: " + apiContext + ", " + "version: " + apiVersion + ". Token: " + getMaskedToken(token)); } - String keyType = (String) payload.getClaim(APIConstants.JwtTokenConstants.KEY_TYPE); apiKeyValidationInfoDTO.setType(keyType); } else { if (log.isDebugEnabled()) { diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/test/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandlerTest.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/test/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandlerTest.java index bf5d90a26164..6416c89b6f2a 100644 
--- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/test/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandlerTest.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/test/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandlerTest.java @@ -29,8 +29,11 @@ import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; +import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder; import org.wso2.carbon.apimgt.gateway.utils.GatewayUtils; import org.wso2.carbon.apimgt.impl.APIConstants; +import org.wso2.carbon.apimgt.impl.APIManagerConfiguration; +import org.wso2.carbon.apimgt.impl.dto.ExtendedJWTConfigurationDto; import org.wso2.carbon.apimgt.keymgt.model.entity.API; import org.wso2.carbon.inbound.endpoint.protocol.websocket.InboundWebsocketConstants; 
@@ -38,14 +41,27 @@ import java.util.TreeMap; @RunWith(PowerMockRunner.class) -@PrepareForTest({ApiUtils.class, Utils.class, GatewayUtils.class}) +@PrepareForTest({ApiUtils.class, Utils.class, GatewayUtils.class, ServiceReferenceHolder.class, APIManagerConfiguration.class, ExtendedJWTConfigurationDto.class}) public class DefaultAPIHandlerTest { + private ServiceReferenceHolder serviceReferenceHolder; + private APIManagerConfiguration apiManagerConfiguration; + private ExtendedJWTConfigurationDto extendedJWTConfigurationDto; + @Before public void init() { PowerMockito.mockStatic(ApiUtils.class); PowerMockito.mockStatic(Utils.class); PowerMockito.mockStatic(GatewayUtils.class); + PowerMockito.mockStatic(ServiceReferenceHolder.class); + serviceReferenceHolder = Mockito.mock(ServiceReferenceHolder.class); + apiManagerConfiguration = Mockito.mock(APIManagerConfiguration.class); + extendedJWTConfigurationDto = Mockito.mock(ExtendedJWTConfigurationDto.class); + Mockito.when(ServiceReferenceHolder.getInstance()).thenReturn(serviceReferenceHolder); + Mockito.when(serviceReferenceHolder.getAPIManagerConfiguration()).thenReturn(apiManagerConfiguration); + Mockito.when(apiManagerConfiguration.getJwtConfigurationDto()).thenReturn(extendedJWTConfigurationDto); + Mockito.when(extendedJWTConfigurationDto.isJWKSApiEnabled()).thenReturn(true); + } @Test diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.impl/pom.xml index 8278150b470d..012f2c4ea365 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/pom.xml @@ -12,7 +12,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 
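Review bot: `init()` stubs `isJWKSApiEnabled()` to return `true` only, so the behaviour this commit introduces, a JWKS request arriving while the API is disabled, is never exercised. A test that stubs `false` and verifies `InMemoryAPIDeployer.deployJWKSSynapseAPI` is not invoked would pin the new branch in `handleRequestInFlow`. The `@PrepareForTest` line now runs well past the usual line length and could be wrapped one class per line.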
diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIAdminImpl.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIAdminImpl.java index 1027c4e2f59e..ca2d09019165 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIAdminImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIAdminImpl.java @@ -1216,7 +1216,7 @@ private int isCategoryAttached(APICategory category, String username) throws API //APIs and API categories String searchQuery = APIConstants.CATEGORY_SEARCH_TYPE_PREFIX + ":*" + category.getName() + "*"; String tenantDomain = MultitenantUtils.getTenantDomain(username); - Map result = apiProvider.searchPaginatedAPIs(searchQuery, tenantDomain, 0, Integer.MAX_VALUE, null, null); + Map result = apiProvider.searchPaginatedAPIs(searchQuery, tenantDomain, 0, Integer.MAX_VALUE); return (int) (Integer) result.get("length"); } diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java index 856731b01b82..32d6e84cff4b 100755 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java 
@@ -464,6 +464,7 @@ public final class APIConstants { public static final String BINDING_FEDERATED_USER_CLAIMS = "EnableBindingFederatedUserClaims"; public static final String TOKEN_GENERATOR_IMPL = "JWTGeneratorImpl"; public static final String ENABLE_JWT_GENERATION = "EnableJWTGeneration"; + public static final String Enable_JWKS_API = "EnableJWKSApi"; public static final String CLAIMS_RETRIEVER_CLASS = "ClaimsRetrieverImplClass"; public static final String USE_KID = "UseKidProperty"; public static final String CONSUMER_DIALECT_URI = "ConsumerDialectURI"; @@ -864,6 +865,10 @@ private Permissions() { public static final String API_RESTAPI_ALLOWED_URI = API_RESTAPI + "AllowedURIs.AllowedURI."; public static final String API_RESTAPI_ALLOWED_URI_URI = API_RESTAPI_ALLOWED_URI + "URI"; public static final String API_RESTAPI_ALLOWED_URI_HTTPMethods = API_RESTAPI_ALLOWED_URI + "HTTPMethods"; + public static final String API_RESTAPI_BASIC_AUTH_BLOCKED_URI = API_RESTAPI + "BasicAuthBlockedURIs.BasicAuthBlockedURI."; + public static final String API_RESTAPI_BASIC_AUTH_BLOCKED_URI_URI = API_RESTAPI_BASIC_AUTH_BLOCKED_URI + "URI"; + public static final String API_RESTAPI_BASIC_AUTH_BLOCKED_URI_HTTPMethods = + API_RESTAPI_BASIC_AUTH_BLOCKED_URI + "HTTPMethods"; public static final String API_RESTAPI_ETAG_SKIP_LIST = API_RESTAPI + "ETagSkipList."; public static final String API_RESTAPI_ETAG_SKIP_URI = API_RESTAPI_ETAG_SKIP_LIST + "ETagSkipURI."; public static final String API_RESTAPI_ETAG_SKIP_URI_URI = API_RESTAPI_ETAG_SKIP_URI + "URI"; @@ -2186,6 +2191,8 @@ public static class AuditLogConstants { public static final String APPLICATION = "Application"; public static final String SUBSCRIPTION = "Subscription"; public static final String KEY_MANAGER = "KeyManager/IdP"; + public static final String DOCUMENT = "Document"; + public static final String DOCUMENT_CONTENT = "DocumentContent"; public static final String NAME = "name"; public static final String SCOPE = "scope"; 
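Review bot: `Enable_JWKS_API` breaks the naming used by every neighbouring constant (`ENABLE_JWT_GENERATION`, `USE_KID`); it should be `public static final String ENABLE_JWKS_API = "EnableJWKSApi";`, and renaming is cheapest now, before other modules reference it. The three `API_RESTAPI_BASIC_AUTH_BLOCKED_URI*` constants would benefit from a one-line comment stating what a blocked entry means for a request (for instance that Basic authentication is refused for the listed URI and methods). The code that consumes them is not on this page, so reviewers cannot infer it.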
@@ -2195,6 +2202,9 @@ public static class AuditLogConstants { public static final String PROVIDER = "provider"; public static final String OWNER = "owner"; public static final String TIER = "tier"; + public static final String API_ID = "apiId"; + public static final String DOCUMENT_ID = "documentId"; + public static final String TYPE = "type"; public static final String REQUESTED_TIER = "requested_tier"; public static final String CALLBACK = "callbackURL"; public static final String GROUPS = "groups"; @@ -3252,4 +3262,7 @@ public static class TransactionCounter { public static final String TRANSACTIONCOUNTER = "TransactionCounter"; public static final String COUNTER_ENABLED = "Enabled"; } + + //Property for enabling application update capabilities for users in the same organization. + public static final String ORGANIZATION_WIDE_APPLICATION_UPDATE_ENABLED = "orgWideAppUpdateEnabled"; } diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConsumerImpl.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConsumerImpl.java index cae01e9c1ad9..8edc0129f3a1 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConsumerImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConsumerImpl.java @@ -215,6 +215,8 @@ public class APIConsumerImpl extends AbstractAPIManager implements APIConsumer { private final Object tagCacheMutex = new Object(); protected String userNameWithoutChange; + boolean orgWideAppUpdateEnabled = Boolean.getBoolean(APIConstants.ORGANIZATION_WIDE_APPLICATION_UPDATE_ENABLED); + public APIConsumerImpl() throws APIManagementException { super(); 
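Review bot: The new `orgWideAppUpdateEnabled` field in `APIConsumerImpl` is package-private and non-final, so any class in the package can flip a flag that later gates ownership checks. It also repeats the `Boolean.getBoolean(...)` lookup that this commit adds as `APIUtil.isOrgWideAppUpdateEnabled()`. If nothing outside the class needs to write it, I would declare it as `private final boolean orgWideAppUpdateEnabled = APIUtil.isOrgWideAppUpdateEnabled();`. A short comment should say that the value comes from a JVM system property, is read once per instance, and defaults to false when unset.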
@@ -1790,7 +1792,7 @@ public void updateApplication(Application application) throws APIManagementExcep isUserAppOwner = application.getSubscriber().getName().equals(existingApp.getSubscriber().getName()); } - if (!isUserAppOwner) { + if (!orgWideAppUpdateEnabled && !isUserAppOwner) { throw new APIManagementException("user: " + application.getSubscriber().getName() + ", " + "attempted to update application owned by: " + existingApp.getSubscriber().getName()); } @@ -1982,7 +1984,7 @@ public void removeApplication(Application application, String username) throws A isUserAppOwner = application.getSubscriber().getName().equals(username); } - if (!isUserAppOwner) { + if (!orgWideAppUpdateEnabled && !isUserAppOwner) { throw new APIManagementException("user: " + username + ", " + "attempted to remove application owned by: " + application.getSubscriber().getName()); } @@ -2356,7 +2358,7 @@ public Map requestApprovalForApplicationRegistration(String user isUserAppOwner = application.getSubscriber().getName().equals(userId); } - if (!isUserAppOwner) { + if (!orgWideAppUpdateEnabled && !isUserAppOwner) { throw new APIManagementException("user: " + application.getSubscriber().getName() + ", " + "attempted to generate tokens for application owned by: " + userId); } @@ -2382,7 +2384,7 @@ else if (APIConstants.API_KEY_TYPE_SANDBOX.equals(tokenType)) { } else { throw new APIManagementException("Invalid Token Type '" + tokenType + "' requested."); } - + if (appRegistrationWorkflow == null ) { appRegistrationWorkflow = new ApplicationRegistrationSimpleWorkflowExecutor(); } @@ -2856,7 +2858,7 @@ public OAuthApplicationInfo updateAuthClient(String userId, Application applicat isUserAppOwner = subscriberName.equals(userId); } - if (!isUserAppOwner) { + if (!orgWideAppUpdateEnabled && !isUserAppOwner) { throw new APIManagementException("user: " + userId + ", attempted to update OAuth application " + "owned by: " + subscriberName); } 
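Review bot: With `if (!orgWideAppUpdateEnabled && !isUserAppOwner)` in `updateApplication`, setting the flag skips the ownership check for every caller, and nothing in the hunk compares the caller's organization with the application's. The constant's comment describes the feature as being for "users in the same organization", so the bypass should apply only when an explicit same-organization check passes, in the form `if (!isUserAppOwner && !(orgWideAppUpdateEnabled && <caller and app share an organization>))`. The same condition is repeated in the `removeApplication`, `requestApprovalForApplicationRegistration` and `updateAuthClient` hunks, which cover deletion and OAuth key generation and update. All four method bodies start outside their hunks, so an organization check may already exist earlier; if it does, a comment at each condition should point to it. It would also help to write an audit entry naming the acting user whenever a non-owner passes this branch.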
@@ -3838,8 +3840,8 @@ public void changeUserPassword(String currentPassword, String newPassword) throw } @Override - public Map searchPaginatedAPIs(String searchQuery, String organization, int start, int end, - String sortBy, String sortOrder) throws APIManagementException { + public Map searchPaginatedAPIs(String searchQuery, String organization, int start, int end) + throws APIManagementException { Map result = new HashMap(); if (log.isDebugEnabled()) { @@ -3906,7 +3908,8 @@ public ApiTypeWrapper getAPIorAPIProductByUUID(String uuid, String organization) uuid); if (devPortalApi != null) { checkVisibilityPermission(userNameWithoutChange, devPortalApi.getVisibility(), - devPortalApi.getVisibleRoles()); + devPortalApi.getVisibleRoles(), devPortalApi.getPublisherAccessControl(), + devPortalApi.getPublisherAccessControlRoles()); if (APIConstants.API_PRODUCT.equalsIgnoreCase(devPortalApi.getType())) { APIProduct apiProduct = APIMapper.INSTANCE.toApiProduct(devPortalApi); apiProduct.setID(new APIProductIdentifier(devPortalApi.getProviderName(), @@ -3935,7 +3938,8 @@ public ApiTypeWrapper getAPIorAPIProductByUUID(String uuid, String organization) } } - protected void checkVisibilityPermission(String userNameWithTenantDomain, String visibility, String visibilityRoles) + protected void checkVisibilityPermission(String userNameWithTenantDomain, String visibility, String visibilityRoles, + String publisherAccessControl, String publisherAccessControlRoles) throws APIManagementException { if (visibility == null || visibility.trim().isEmpty() 
@@ -3945,11 +3949,39 @@ protected void checkVisibilityPermission(String userNameWithTenantDomain, String } return; } - if (APIUtil.hasPermission(userNameWithTenantDomain, APIConstants.Permissions.APIM_ADMIN) - || APIUtil.hasPermission(userNameWithTenantDomain, APIConstants.Permissions.API_CREATE) - || APIUtil.hasPermission(userNameWithTenantDomain, APIConstants.Permissions.API_PUBLISH)) { + if (APIUtil.hasPermission(userNameWithTenantDomain, APIConstants.Permissions.APIM_ADMIN)) { return; } + if (APIUtil.hasPermission(userNameWithTenantDomain, APIConstants.Permissions.API_CREATE) + || APIUtil.hasPermission(userNameWithTenantDomain, APIConstants.Permissions.API_PUBLISH)) { + if (publisherAccessControl == null || publisherAccessControl.trim().isEmpty() + || publisherAccessControl.equalsIgnoreCase(APIConstants.NO_ACCESS_CONTROL)) { + // If the API has not been restricted with publisher access control, the API will be visible to all + // creators and publishers irrespective of devportal visibility restrictions. + return; + } else { + // If the API has been restricted with publisher access control, the API will be visible to creators + // and publishers having the roles which has been specified under publisher access control irrespective + // of devportal visibility restrictions. 
+ if (publisherAccessControlRoles != null && !publisherAccessControlRoles.trim().isEmpty()) { + String[] accessControlRoleList = publisherAccessControlRoles.replaceAll("\\s+", "").split(","); + if (log.isDebugEnabled()) { + log.debug("API has restricted access to creators and publishers with the roles : " + + Arrays.toString(accessControlRoleList)); + } + String[] userRoleList = APIUtil.getListOfRoles(userNameWithTenantDomain); + if (log.isDebugEnabled()) { + log.debug("User " + username + " has roles " + Arrays.toString(userRoleList)); + } + for (String role : accessControlRoleList) { + if (!role.equalsIgnoreCase(APIConstants.NULL_USER_ROLE_LIST) + && APIUtil.compareRoleList(userRoleList, role)) { + return; + } + } + } + } + } if (visibilityRoles != null && !visibilityRoles.trim().isEmpty()) { String[] visibilityRolesList = visibilityRoles.replaceAll("\\s+", "").split(","); @@ -4032,7 +4064,8 @@ public API getLightweightAPIByUUID(String uuid, String organization) throws APIM DevPortalAPI devPortalApi = apiPersistenceInstance.getDevPortalAPI(org, uuid); if (devPortalApi != null) { checkVisibilityPermission(userNameWithoutChange, devPortalApi.getVisibility(), - devPortalApi.getVisibleRoles()); + devPortalApi.getVisibleRoles(), devPortalApi.getPublisherAccessControl(), + devPortalApi.getPublisherAccessControlRoles()); API api = APIMapper.INSTANCE.toApi(devPortalApi); /// populate relavant external info 
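Review bot: The debug line `log.debug("User " + username + " has roles " + ...)` in the new `checkVisibilityPermission` branch prints `username`, but the roles were fetched with `APIUtil.getListOfRoles(userNameWithTenantDomain)`. `username` is not declared in the hunk and is presumably an inherited field, so the log can attribute the role list to a different identity than the one being checked; use `log.debug("User " + userNameWithTenantDomain + " has roles " + Arrays.toString(userRoleList));`. The branch would also benefit from a comment before `if (visibilityRoles != null ...` stating that a creator or publisher who matches none of the publisher access-control roles deliberately falls through to the devportal visibility check. The method body continues outside the hunk.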
@@ -4266,7 +4299,8 @@ protected void checkAPIVisibilityRestriction(String apiId, String organization) try { DevPortalAPI api = apiPersistenceInstance.getDevPortalAPI(new Organization(organization), apiId); if (api != null) { - checkVisibilityPermission(userNameWithoutChange, api.getVisibility(), api.getVisibleRoles()); + checkVisibilityPermission(userNameWithoutChange, api.getVisibility(), api.getVisibleRoles(), + api.getPublisherAccessControl(), api.getPublisherAccessControlRoles()); } } catch (APIPersistenceException e) { throw new APIManagementException("Error while accessing dev portal API", e); diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIManagerConfiguration.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIManagerConfiguration.java index f6282dc4edac..0c7e6d4e9e30 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIManagerConfiguration.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIManagerConfiguration.java @@ -1787,6 +1787,10 @@ private void setJWTConfiguration(OMElement omElement) { } } } + + OMElement jwksApiEnableElement = + omElement.getFirstChildWithName(new QName(APIConstants.Enable_JWKS_API)); + jwtConfigurationDto.setJWKSApiEnabled(Boolean.parseBoolean(jwksApiEnableElement.getText())); } public ThrottleProperties getThrottleProperties() { diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIProviderImpl.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIProviderImpl.java index a06a898cf5c6..4bed9e0e64dc 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIProviderImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIProviderImpl.java 
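Review bot: In `setJWTConfiguration`, `jwksApiEnableElement.getText()` is called without a null check, and `getFirstChildWithName` returns null when the `EnableJWKSApi` element is absent. Any existing configuration that lacks the new element would then fail with a NullPointerException while the JWT configuration is loaded. Guard the call with `if (jwksApiEnableElement != null) { jwtConfigurationDto.setJWKSApiEnabled(Boolean.parseBoolean(jwksApiEnableElement.getText())); }`. The default for the absent case should be chosen deliberately, since the DTO field otherwise stays `false`, and it should be documented next to the `Enable_JWKS_API` constant. The method body starts outside the hunk.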
@@ -2327,6 +2327,11 @@ public String retrieveServiceKeyByApiId(int apiId, int tenantId) throws APIManag public void removeDocumentation(String apiId, String docId, String organization) throws APIManagementException { try { apiPersistenceInstance.deleteDocumentation(new Organization(organization), apiId, docId); + JSONObject apiLogObject = new JSONObject(); + apiLogObject.put(APIConstants.AuditLogConstants.DOCUMENT_ID, docId); + apiLogObject.put(APIConstants.AuditLogConstants.API_ID, apiId); + APIUtil.logAuditMessage(APIConstants.AuditLogConstants.DOCUMENT, apiLogObject.toString(), + APIConstants.AuditLogConstants.DELETED, this.username); } catch (DocumentationPersistenceException e) { throw new APIManagementException("Error while deleting the document " + docId); } @@ -2351,6 +2356,13 @@ public Documentation updateDocumentation(String apiId, Documentation documentati org.wso2.carbon.apimgt.persistence.dto.Documentation updatedDoc = apiPersistenceInstance .updateDocumentation(new Organization(organization), apiId, mappedDoc); if (updatedDoc != null) { + JSONObject apiLogObject = new JSONObject(); + apiLogObject.put(APIConstants.AuditLogConstants.NAME, documentation.getName()); + apiLogObject.put(APIConstants.AuditLogConstants.TYPE, documentation.getType()); + apiLogObject.put(APIConstants.AuditLogConstants.DOCUMENT_ID, documentation.getId()); + apiLogObject.put(APIConstants.AuditLogConstants.API_ID, apiId); + APIUtil.logAuditMessage(APIConstants.AuditLogConstants.DOCUMENT, apiLogObject.toString(), + APIConstants.AuditLogConstants.UPDATED, this.username); return DocumentMapper.INSTANCE.toDocumentation(updatedDoc); } } catch (DocumentationPersistenceException e) { 
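Review bot: The audit entry added in `updateDocumentation` is built from the caller-supplied `documentation` object (`documentation.getName()`, `getType()`, `getId()`), while the `addDocumentation` hunk that follows uses the persisted `addedDoc`. For the audit record to reflect what was actually stored, read the fields from `updatedDoc`, e.g. `apiLogObject.put(APIConstants.AuditLogConstants.NAME, updatedDoc.getName());`, and likewise for the type and document id. In all three documentation hunks the entry is written only on the success path, so failed delete or update attempts leave no audit trace. The unchanged catch block in `removeDocumentation` also drops the cause, which `new APIManagementException("...", e)` would keep.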
@@ -2370,6 +2382,13 @@ public Documentation addDocumentation(String uuid, Documentation documentation, org.wso2.carbon.apimgt.persistence.dto.Documentation addedDoc = apiPersistenceInstance.addDocumentation( new Organization(organization), uuid, mappedDoc); if (addedDoc != null) { + JSONObject apiLogObject = new JSONObject(); + apiLogObject.put(APIConstants.AuditLogConstants.NAME, addedDoc.getName()); + apiLogObject.put(APIConstants.AuditLogConstants.TYPE, addedDoc.getType()); + apiLogObject.put(APIConstants.AuditLogConstants.DOCUMENT_ID, addedDoc.getId()); + apiLogObject.put(APIConstants.AuditLogConstants.API_ID, uuid); + APIUtil.logAuditMessage(APIConstants.AuditLogConstants.DOCUMENT, apiLogObject.toString(), + APIConstants.AuditLogConstants.CREATED, this.username); return DocumentMapper.INSTANCE.toDocumentation(addedDoc); } } catch (DocumentationPersistenceException e) { @@ -5407,7 +5426,7 @@ public APISearchResult searchPaginatedAPIsByFQDN(String endpoint, String tenantD try { PublisherAPISearchResult searchAPIs = apiPersistenceInstance.searchAPIsForPublisher(org, query, - offset, limit, userCtx, "createdTime", "desc"); + offset, limit, userCtx); if (log.isDebugEnabled()) { log.debug("Running Solr query : " + query); } @@ -5514,8 +5533,8 @@ public APIProduct getAPIProductbyUUID(String uuid, String organization) throws A } @Override - public Map searchPaginatedAPIs(String searchQuery, String organization, int start, int end, - String sortBy, String sortOrder) throws APIManagementException { + public Map searchPaginatedAPIs(String searchQuery, String organization, int start, int end) + throws APIManagementException { Map result = new HashMap(); if (log.isDebugEnabled()) { log.debug("Original search query received : " + searchQuery); 
@@ -5527,7 +5546,7 @@ public Map searchPaginatedAPIs(String searchQuery, String organi UserContext userCtx = new UserContext(userNameWithoutChange, org, properties, roles); try { PublisherAPISearchResult searchAPIs = apiPersistenceInstance.searchAPIsForPublisher(org, searchQuery, - start, end, userCtx, sortBy, sortOrder); + start, end, userCtx); if (log.isDebugEnabled()) { log.debug("searched APIs for query : " + searchQuery + " :-->: " + searchAPIs.toString()); } @@ -5662,6 +5681,11 @@ public void addDocumentationContent(String uuid, String docId, String organizati mappedContent = DocumentMapper.INSTANCE.toDocumentContent(content); DocumentContent doc = apiPersistenceInstance.addDocumentationContent(new Organization(organization), uuid, docId, mappedContent); + JSONObject apiLogObject = new JSONObject(); + apiLogObject.put(APIConstants.AuditLogConstants.DOCUMENT_ID, docId); + apiLogObject.put(APIConstants.AuditLogConstants.API_ID, uuid); + APIUtil.logAuditMessage(APIConstants.AuditLogConstants.DOCUMENT_CONTENT, apiLogObject.toString(), + APIConstants.AuditLogConstants.UPDATED, this.username); } catch (DocumentationPersistenceException e) { throw new APIManagementException("Error while adding content to doc " + docId); } diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AbstractAPIManager.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AbstractAPIManager.java index 29d8c2decc12..08c31db1e05f 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AbstractAPIManager.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AbstractAPIManager.java 
@@ -142,7 +142,7 @@ public List getAllAPIs() throws APIManagementException { UserContext userCtx = new UserContext(username, org, properties, roles); try { PublisherAPISearchResult searchAPIs = apiPersistenceInstance.searchAPIsForPublisher(org, "", 0, - Integer.MAX_VALUE, userCtx, null, null); + Integer.MAX_VALUE, userCtx); if (searchAPIs != null) { List list = searchAPIs.getPublisherAPIInfoList(); diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/UserAwareAPIConsumer.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/UserAwareAPIConsumer.java index 85214755a026..2b13bc79869f 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/UserAwareAPIConsumer.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/UserAwareAPIConsumer.java @@ -138,7 +138,7 @@ public ApiTypeWrapper getAPIorAPIProductByUUID(String uuid, String organization) public API getLightweightAPI(APIIdentifier identifier, String orgId) throws APIManagementException { API api = super.getLightweightAPI(identifier, orgId); checkVisibilityPermission(userNameWithoutChange, api.getVisibility(), - api.getVisibleRoles()); + api.getVisibleRoles(), api.getAccessControl(), api.getAccessControlRoles()); return api; } } diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dto/ExtendedJWTConfigurationDto.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dto/ExtendedJWTConfigurationDto.java index 4da31ddface2..285b2a12b30e 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dto/ExtendedJWTConfigurationDto.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dto/ExtendedJWTConfigurationDto.java 
@@ -8,6 +8,7 @@ public class ExtendedJWTConfigurationDto extends JWTConfigurationDto { private boolean tenantBasedSigningEnabled; private boolean enableUserClaimRetrievalFromUserStore; private boolean isBindFederatedUserClaims; + private boolean isJWKSApiEnabled; public String getClaimRetrieverImplClass() { @@ -58,4 +59,12 @@ public void setBindFederatedUserClaims(boolean isBindFederatedUserClaims) { this.isBindFederatedUserClaims = isBindFederatedUserClaims; } + + public boolean isJWKSApiEnabled() { + return isJWKSApiEnabled; + } + + public void setJWKSApiEnabled(boolean JWKSApiEnabled) { + this.isJWKSApiEnabled = JWKSApiEnabled; + } } diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/handlers/APIIndexingHandler.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/handlers/APIIndexingHandler.java new file mode 100644 index 000000000000..6a02d1d8aa91 --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/handlers/APIIndexingHandler.java 
@@ -0,0 +1,35 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.apimgt.impl.handlers; + +import org.wso2.carbon.registry.core.exceptions.RegistryException; +import org.wso2.carbon.registry.core.jdbc.handlers.RequestContext; +import org.wso2.carbon.registry.indexing.IndexingHandler; + +/** + * This is the Indexing handler to skip indexing of older API revisions + */ +public class APIIndexingHandler extends IndexingHandler { + public void put(RequestContext requestContext) throws RegistryException { + if (requestContext.getResourcePath().getPath().contains("/apimgt/applicationdata/apis/")) { + return; + } + super.put(requestContext); + } +} \ No newline at end of file diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java index 6aca3a4a3696..b2658c493a58 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java 
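Review bot: The class Javadoc on `APIIndexingHandler` says it skips indexing of older API revisions, but `put` returns early for any resource path that contains `/apimgt/applicationdata/apis/`, wherever that substring appears. Whether that location holds only revision artifacts is not visible here, so the comment should name the registry paths that are meant to be excluded and explain why leaving them out of the index is safe for search and visibility filtering. If only a fixed prefix is intended, a `startsWith` check on the full registry prefix would be tighter than `contains`. `put` should also carry `@Override`, so that a signature change in `IndexingHandler` cannot silently turn this into a dead overload.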
@@ -203,7 +203,7 @@ public final class ImportExportConstants { public static final String TYPE_POLICY_SPECIFICATION = "operation_policy_specification"; - public static final String APIM_VERSION = "v4.4.0"; + public static final String APIM_VERSION = "v4.5.0"; public static final String ENDPOINT_CONFIG = "endpointConfig"; diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java index fde4b5f08aea..3bcd9c710046 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java @@ -7045,7 +7045,7 @@ public static DocumentBuilderFactory getSecuredDocumentBuilder() { public static void logAuditMessage(String entityType, String entityInfo, String action, String performedBy) { JSONObject jsonObject = new JSONObject(); - jsonObject.put("typ", entityType); + jsonObject.put("type", entityType); jsonObject.put("action", action); jsonObject.put("performedBy", performedBy); if (entityInfo != null && !StringUtils.isBlank(entityInfo)) { @@ -10972,4 +10972,20 @@ public static boolean getTransactionCounterEnable() { return ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService() .getAPIManagerConfiguration().getTransactionCounterProperties(); } + + /** + * Checks if organization-wide application updates are enabled. + *

+ * This method retrieves the value of the system property defined by + * ORGANIZATION_WIDE_APPLICATION_UPDATE_ENABLED. + * If the property is not set, it returns false by default. + * + * @return {true} if organization-wide application updates are enabled; + * {false} otherwise. + */ + public static Boolean isOrgWideAppUpdateEnabled() { + + return Boolean.getBoolean( + APIConstants.ORGANIZATION_WIDE_APPLICATION_UPDATE_ENABLED); + } } diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/APIProviderImplTest.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/APIProviderImplTest.java index 87b99d361bc0..e691ed9c62d3 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/APIProviderImplTest.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/APIProviderImplTest.java @@ -1657,9 +1657,7 @@ public void testSearchPaginatedAPIsByFQDNWithCorrectInputs() throws APIManagemen Mockito.anyString(), Mockito.anyInt(), Mockito.anyInt(), - Mockito.any(UserContext.class), - Mockito.anyString(), - Mockito.anyString())).thenReturn(returnSearchAPIs); + Mockito.any(UserContext.class))).thenReturn(returnSearchAPIs); APIProviderImplWrapper apiProvider = new APIProviderImplWrapper(apiPersistenceInstance, apimgtDAO, scopesDAO); @@ -1692,9 +1690,7 @@ public void testSearchPaginatedAPIsByFQDNWhenSearchResultIsNull() throws APIMana Mockito.anyString(), Mockito.anyInt(), Mockito.anyInt(), - Mockito.any(UserContext.class), - Mockito.anyString(), - Mockito.anyString())).thenReturn(null); + Mockito.any(UserContext.class))).thenReturn(null); APIProviderImplWrapper apiProvider = new APIProviderImplWrapper(apiPersistenceInstance, apimgtDAO, scopesDAO); 
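Review bot: `isOrgWideAppUpdateEnabled()` returns the boxed `Boolean` although `Boolean.getBoolean` yields a primitive and the result is never null; `public static boolean isOrgWideAppUpdateEnabled()` avoids needless boxing at call sites. In the Javadoc, `{true}` and `{false}` are not valid inline tags and should be `{@code true}` and `{@code false}`. Because this flag relaxes an ownership check elsewhere in the commit, the Javadoc should also state that it is a JVM system property (`-DorgWideAppUpdateEnabled=true`) and not a value from the API Manager configuration, so operators know where to look for it.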
diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/AbstractAPIManagerTestCase.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/AbstractAPIManagerTestCase.java index 90f43248de64..0a130d890348 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/AbstractAPIManagerTestCase.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/AbstractAPIManagerTestCase.java @@ -148,7 +148,7 @@ public void testGetAllApis() throws GovernanceException, APIManagementException, value.setPublisherAPIInfoList(publisherAPIInfoList); Mockito.when(apiPersistenceInstance.searchAPIsForPublisher(any(Organization.class), anyString(), - anyInt(), anyInt(), any(UserContext.class), isNull(), isNull())).thenReturn(value); + anyInt(), anyInt(), any(UserContext.class))).thenReturn(value); List apis = abstractAPIManager.getAllAPIs(); Assert.assertNotNull(apis); Assert.assertEquals(apis.size(), 1); diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/AbstractAPIManagerWrapper.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/AbstractAPIManagerWrapper.java index 23e3afba343d..54e714023bd5 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/AbstractAPIManagerWrapper.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/AbstractAPIManagerWrapper.java 
@@ -133,8 +133,8 @@ public API getLightweightAPIByUUID(String uuid, String organization) throws APIM } @Override - public Map searchPaginatedAPIs(String searchQuery, String organization, int start, int end, - String sortBy, String sortOrder) throws APIManagementException { + public Map searchPaginatedAPIs(String searchQuery, String organization, int start, int end) + throws APIManagementException { // TODO Auto-generated method stub return null; } diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/dao/test/APIMgtDAOTest.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/dao/test/APIMgtDAOTest.java index d55c370503a3..94e393610ce6 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/dao/test/APIMgtDAOTest.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/java/org/wso2/carbon/apimgt/impl/dao/test/APIMgtDAOTest.java @@ -1818,12 +1818,13 @@ public void testRetrieveAllWorkflowFromInternalReference() throws Exception { } /** - * Test for getAPIRevisionDeploymentsByWorkflowStatusAndApiUUID method - * Checks whether the API revision deployment mapping details are retrieved correctly + * Test for testGetAndUpdateAPIRevisionDeploymentsByWorkflowStatusAndApiUUID method + * Checks whether the API revision deployment mapping details are retrieved correctly and + * Checks whether the API revision deployment status is updated correctly * @throws APIManagementException if an error occurs while retrieving revision deployment mapping details */ @Test - public void testGetAPIRevisionDeploymentsByWorkflowStatusAndApiUUID() throws Exception { + public void testGetAndUpdateAPIRevisionDeploymentsByWorkflowStatusAndApiUUID() throws Exception { String workflowStatus = "CREATED"; String apiUUID = "7af95c9d-6177-4191-ab3e-d3f6c1cdc4c2"; String revisionUUID = "821b9664-eeca-4173-9f56-3dc6d46bd6eb"; 
@@ -1836,24 +1837,14 @@ public void testGetAPIRevisionDeploymentsByWorkflowStatusAndApiUUID() throws Exc Assert.assertNotNull(apiRevisionDeployment); Assert.assertEquals(apiRevisionDeployment.getDeployment(), deployment); Assert.assertEquals(apiRevisionDeployment.getRevisionUUID(), revisionUUID); - } - /** - * Test for updateAPIRevisionDeploymentStatus method - * Checks whether the API revision deployment status is updated correctly - * @throws APIManagementException if an error occurs while updating revision deployment status - */ - @Test public void testUpdateAPIRevisionDeploymentStatus() throws Exception { - String workflowStatus = "APPROVED"; - String revisionUUID = "821b9664-eeca-4173-9f56-3dc6d46bd6eb"; - String apiId = "7af95c9d-6177-4191-ab3e-d3f6c1cdc4c2"; - String deployment = "default"; - apiMgtDAO.updateAPIRevisionDeploymentStatus(revisionUUID, workflowStatus, deployment); - List apiRevisionDeployments = apiMgtDAO.getAPIRevisionDeploymentByApiUUID(apiId); - Assert.assertNotNull(apiRevisionDeployments); - APIRevisionDeployment apiRevisionDeployment = apiRevisionDeployments.get(0); - Assert.assertNotNull(apiRevisionDeployment); - Assert.assertEquals(org.wso2.carbon.apimgt.api.WorkflowStatus.APPROVED,apiRevisionDeployment.getStatus()); + String workflowStatus2 = "APPROVED"; + apiMgtDAO.updateAPIRevisionDeploymentStatus(revisionUUID, workflowStatus2, deployment); + List apiRevisionDeployments2 = apiMgtDAO.getAPIRevisionDeploymentByApiUUID(apiUUID); + Assert.assertNotNull(apiRevisionDeployments2); + APIRevisionDeployment apiRevisionDeployment2 = apiRevisionDeployments2.get(0); + Assert.assertNotNull(apiRevisionDeployment2); + Assert.assertEquals(org.wso2.carbon.apimgt.api.WorkflowStatus.APPROVED,apiRevisionDeployment2.getStatus()); } @Test diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/resources/amConfig.xml b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/resources/amConfig.xml index 6dce25404f9e..8c0ea5fb4854 100644 
--- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/resources/amConfig.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/test/resources/amConfig.xml @@ -11,6 +11,7 @@ false + true NONE diff --git a/components/apimgt/org.wso2.carbon.apimgt.internal.service/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.internal.service/pom.xml index e34728acd0e6..b8d646c1cb7f 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.internal.service/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.internal.service/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.jms.listener/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.jms.listener/pom.xml index 6e679c2214d3..590f6e0d2a09 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.jms.listener/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.jms.listener/pom.xml @@ -4,7 +4,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 4.0.0 diff --git a/components/apimgt/org.wso2.carbon.apimgt.keymgt.client/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.keymgt.client/pom.xml index 4f4fdd567daf..d1cbb4230007 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.keymgt.client/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.keymgt.client/pom.xml @@ -16,7 +16,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.keymgt/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.keymgt/pom.xml index 4ac282692de2..4d21f716bb63 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.keymgt/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.keymgt/pom.xml @@ -16,7 +16,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 
diff --git a/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/AbstractKeyValidationHandler.java b/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/AbstractKeyValidationHandler.java index e22562c825be..72b7fc1321ba 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/AbstractKeyValidationHandler.java +++ b/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/AbstractKeyValidationHandler.java @@ -200,7 +200,7 @@ public APIKeyValidationInfoDTO validateSubscription(String apiContext, String ap } @Override - public APIKeyValidationInfoDTO validateSubscription(String apiContext, String apiVersion, int appId) { + public APIKeyValidationInfoDTO validateSubscription(String apiContext, String apiVersion, int appId, String keyType) { APIKeyValidationInfoDTO apiKeyValidationInfoDTO = new APIKeyValidationInfoDTO(); if (log.isDebugEnabled()) { @@ -208,7 +208,7 @@ public APIKeyValidationInfoDTO validateSubscription(String apiContext, String ap log.debug("Validation Info : { context : " + apiContext + " , " + "version : " + apiVersion + " , appId : " + appId + " }"); } - validateSubscriptionDetails(apiContext, apiVersion, appId, apiKeyValidationInfoDTO); + validateSubscriptionDetails(apiContext, apiVersion, appId, apiKeyValidationInfoDTO, keyType); if (log.isDebugEnabled()) { log.debug("After validating subscriptions"); } @@ -230,7 +230,7 @@ private boolean validateSubscriptionDetails(String context, String version, Stri private boolean validateSubscriptionDetails(String context, String version, int appId, - APIKeyValidationInfoDTO infoDTO) { + APIKeyValidationInfoDTO infoDTO, String keyType) { // Check if the api version has been prefixed with _default_ if (version != null && version.startsWith(APIConstants.DEFAULT_VERSION_PREFIX)) { 
@@ -238,7 +238,7 @@ private boolean validateSubscriptionDetails(String context, String version, int version = version.split(APIConstants.DEFAULT_VERSION_PREFIX)[1]; } - validateSubscriptionDetails(infoDTO, context, version, appId); + validateSubscriptionDetails(infoDTO, context, version, appId, keyType); return infoDTO.isAuthorized(); } @@ -326,7 +326,7 @@ private APIKeyValidationInfoDTO validateSubscriptionDetails(APIKeyValidationInfo } private APIKeyValidationInfoDTO validateSubscriptionDetails(APIKeyValidationInfoDTO infoDTO, String context, - String version, int appId) { + String version, int appId, String keyType) { String apiTenantDomain = MultitenantUtils.getTenantDomainFromRequestURL(context); if (apiTenantDomain == null) { apiTenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME; @@ -367,7 +367,7 @@ private APIKeyValidationInfoDTO validateSubscriptionDetails(APIKeyValidationInfo } if (api != null && sub != null) { - validate(infoDTO, apiTenantDomain, tenantId, datastore, api, app, sub); + validate(infoDTO, apiTenantDomain, tenantId, datastore, api, app, sub, keyType); } else if (!infoDTO.isAuthorized() && infoDTO.getValidationStatus() == 0) { //Scenario where validation failed and message is not set infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.API_AUTH_RESOURCE_FORBIDDEN); @@ -657,9 +657,8 @@ private APIKeyValidationInfoDTO validate(APIKeyValidationInfoDTO infoDTO, String private APIKeyValidationInfoDTO validate(APIKeyValidationInfoDTO infoDTO, String apiTenantDomain, int tenantId, - SubscriptionDataStore datastore, API api, Application app, Subscription sub) { + SubscriptionDataStore datastore, API api, Application app, Subscription sub, String keyType) { String subscriptionStatus = sub.getSubscriptionState(); - String type = app.getTokenType(); if (APIConstants.SubscriptionStatus.BLOCKED.equals(subscriptionStatus)) { infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.API_BLOCKED); infoDTO.setAuthorized(false); 
@@ -670,9 +669,9 @@ private APIKeyValidationInfoDTO validate(APIKeyValidationInfoDTO infoDTO, String infoDTO.setAuthorized(false); return infoDTO; } else if (APIConstants.SubscriptionStatus.PROD_ONLY_BLOCKED.equals(subscriptionStatus) - && !APIConstants.API_KEY_TYPE_SANDBOX.equals(type)) { + && !APIConstants.API_KEY_TYPE_SANDBOX.equals(keyType)) { infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.API_BLOCKED); - infoDTO.setType(type); + infoDTO.setType(keyType); infoDTO.setAuthorized(false); return infoDTO; } @@ -687,7 +686,7 @@ private APIKeyValidationInfoDTO validate(APIKeyValidationInfoDTO infoDTO, String infoDTO.setApplicationUUID(app.getUUID()); infoDTO.setApplicationGroupIds(app.getGroupIds().stream().map(GroupId::getGroupId).collect(Collectors.toSet())); infoDTO.setAppAttributes(app.getAttributes()); - infoDTO.setType(type); + infoDTO.setType(keyType); // Advanced Level Throttling Related Properties String apiTier = api.getApiTier(); diff --git a/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/KeyValidationHandler.java b/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/KeyValidationHandler.java index 362afe5a46f5..f94a87df88be 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/KeyValidationHandler.java +++ b/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/KeyValidationHandler.java @@ -54,7 +54,7 @@ boolean validateSubscription(TokenValidationContext tokenValidationContext) * @param appId * @return APIKeyValidationInfoDTO instance containing key validation data */ - APIKeyValidationInfoDTO validateSubscription(String apiContext, String apiVersion, int appId); + APIKeyValidationInfoDTO validateSubscription(String apiContext, String apiVersion, int appId, String keyType); /** * Validate Scopes by oAuth2TokenValidationMessageContext 
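Review bot: The `PROD_ONLY_BLOCKED` branch of `validate(...)` now decides on the caller-supplied `keyType` where it used to read `app.getTokenType()` from the stored `Application`, so the block only holds if every caller derives `keyType` from the validated credential rather than from request data; nothing in these hunks shows where the value originates. A `null` or unexpected value is treated as non-sandbox and stays blocked, which is the safe direction, but `infoDTO.setType(keyType)` in the `-687` hunk then propagates whatever was passed. I would state the contract on the method, e.g. `// keyType must be taken from the validated token/key, never from client-controlled input`, and add `keyType` to the debug line in `validateSubscription` (hunk `-208`) so a mismatch is traceable. The body of `validate` starts and ends outside the hunk.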
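Review bot: The Javadoc above `validateSubscription(String, String, int, String)` in `KeyValidationHandler` still ends at `@param appId`, so the new `keyType` argument is undocumented on the interface that handler implementations compile against. The same gap is likely in `APIKeyValidationService.validateSubscription` in the next file, whose Javadoc is only partly visible. Add `@param keyType key type of the credential being validated (for example sandbox or production)` to both. Because the abstract method's signature changed rather than gaining an overload, any handler implemented outside this repository stops compiling, which deserves a mention for integrators.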
diff --git a/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/service/APIKeyValidationService.java b/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/service/APIKeyValidationService.java index cca9b3b76195..cd5a3d2ce8c3 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/service/APIKeyValidationService.java +++ b/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/service/APIKeyValidationService.java @@ -507,11 +507,11 @@ public boolean validateScopes(TokenValidationContext tokenValidationContext, Str * @throws APIManagementException in case of APIM Component initialization failure */ public APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId, - String tenantDomain) + String tenantDomain, String keyType) throws APIKeyMgtException, APIManagementException { KeyValidationHandler keyValidationHandler = ServiceReferenceHolder.getInstance().getKeyValidationHandler(tenantDomain); - return keyValidationHandler.validateSubscription(context, version, appId); + return keyValidationHandler.validateSubscription(context, version, appId, keyType); } public Map retrieveScopes(String tenantDomain) { diff --git a/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/test/resources/amConfig.xml b/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/test/resources/amConfig.xml index aa5617ef824f..12a3dedbdfcb 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/test/resources/amConfig.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/test/resources/amConfig.xml @@ -11,6 +11,7 @@ true + true NONE false diff --git a/components/apimgt/org.wso2.carbon.apimgt.notification/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.notification/pom.xml index 353763099a57..de54c72cbf88 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.notification/pom.xml 
+++ b/components/apimgt/org.wso2.carbon.apimgt.notification/pom.xml @@ -19,7 +19,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT org.wso2.carbon.apimgt.notification 4.0.0 diff --git a/components/apimgt/org.wso2.carbon.apimgt.output.adapter.http/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.output.adapter.http/pom.xml index e514df67f331..da6e11318950 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.output.adapter.http/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.output.adapter.http/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.persistence/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.persistence/pom.xml index a04071ce90af..649b3d902d15 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.persistence/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.persistence/pom.xml @@ -3,7 +3,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 4.0.0 diff --git a/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/APIPersistence.java b/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/APIPersistence.java index 63592cd946d8..9bb6851d7554 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/APIPersistence.java +++ b/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/APIPersistence.java 
@@ -170,13 +170,11 @@ void deleteAPIRevision(Organization org, String apiUUID, String revisionUUID, in * @param searchQuery search query * @param start starting index * @param offset offset to search - * @param sortBy sort criteria - * @param sortOrder sort order * @return Publisher API Search Result * @throws APIPersistenceException */ PublisherAPISearchResult searchAPIsForPublisher(Organization org, String searchQuery, int start, - int offset, UserContext ctx, String sortBy, String sortOrder) throws APIPersistenceException; + int offset, UserContext ctx) throws APIPersistenceException; /** * Search APIs to be displayed on Dev Portal API listing diff --git a/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/RegistryPersistenceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/RegistryPersistenceImpl.java index d7a8e2077193..e3d88aac6b1f 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/RegistryPersistenceImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/RegistryPersistenceImpl.java @@ -979,7 +979,7 @@ public void deleteAllAPIs(Organization org) throws APIPersistenceException { @Override public PublisherAPISearchResult searchAPIsForPublisher(Organization org, String searchQuery, int start, int offset, - UserContext ctx, String sortBy, String sortOrder) throws APIPersistenceException { + UserContext ctx) throws APIPersistenceException { String requestedTenantDomain = org.getName(); boolean isTenantFlowStarted = false; 
@@ -2751,7 +2751,7 @@ public Mediation getMediationPolicy(Organization org, String apiId, String media int prependIndex = apiPath.lastIndexOf("/api"); String apiResourcePath = apiPath.substring(0, prependIndex); String policyPath = GovernanceUtils.getArtifactPath(registry, mediationPolicyId); - if (!policyPath.startsWith(apiResourcePath)) { + if (!policyPath.toLowerCase().startsWith(apiResourcePath.toLowerCase())) { throw new MediationPolicyPersistenceException("Policy not foud ", ExceptionCodes.POLICY_NOT_FOUND); } Resource mediationResource = registry.get(policyPath); diff --git a/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/dto/DevPortalAPI.java b/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/dto/DevPortalAPI.java index 956ab6313028..9db22f4078e0 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/dto/DevPortalAPI.java +++ b/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/dto/DevPortalAPI.java @@ -65,6 +65,8 @@ public class DevPortalAPI extends DevPortalAPIInfo { private String visibleRoles; private String gatewayVendor; private String asyncTransportProtocols; + private String publisherAccessControl; + private String publisherAccessControlRoles; public String getContextTemplate() { return contextTemplate; 
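Review bot: The ownership check in `getMediationPolicy` is a bare prefix test, and lowering both sides widens it further. `policyPath.toLowerCase().startsWith(apiResourcePath.toLowerCase())` accepts any policy whose path merely begins with the same characters, so a resource path that extends this one (a version segment `1.0` against `1.0.1`, if versions are path segments) or differs only in case would pass. If registry paths are case-sensitive, a request for one API could then resolve another API's mediation policy. Anchor the comparison on a path separator and use a fixed locale: `String prefix = apiResourcePath.toLowerCase(Locale.ROOT) + "/";` followed by `if (!policyPath.toLowerCase(Locale.ROOT).startsWith(prefix)) {`. The method starts and ends outside the hunk, so whether `Locale` is already imported is not visible.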
@@ -390,7 +392,22 @@ public String getVisibility() { public void setVisibility(String visibility) { this.visibility = visibility; } - + + public String getPublisherAccessControl() { + return publisherAccessControl; + } + + public void setPublisherAccessControl(String publisherAccessControl) { + this.publisherAccessControl = publisherAccessControl; + } + + public String getPublisherAccessControlRoles() { + return publisherAccessControlRoles; + } + + public void setPublisherAccessControlRoles(String publisherAccessControlRoles) { + this.publisherAccessControlRoles = publisherAccessControlRoles; + } /* private String accessControl; //publisher accessControl : 'restricted', 'all' // this won't be required diff --git a/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/mapper/APIMapper.java b/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/mapper/APIMapper.java index 1222c3c8e271..1d0a2e63d4ee 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/mapper/APIMapper.java +++ b/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/mapper/APIMapper.java @@ -110,6 +110,8 @@ public interface APIMapper { //@Mapping(source = "visibleTenants", target = "visibleOrganizations") @Mapping(source = "subscriptionAvailableTenants", target = "subscriptionAvailableOrgs") //@Mapping(source = "environmentList", target = "environments") + @Mapping(source = "accessControl", target = "publisherAccessControl") + @Mapping(source = "accessControlRoles", target = "publisherAccessControlRoles") DevPortalAPI toDevPortalApi(API api); //@Mapping(source = "providerName", target = "id.providerName") diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/pom.xml index 148c5b23b90f..27404726dd6b 100644 
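Review bot: The two added `@Mapping` lines on `APIMapper.toDevPortalApi` copy the publisher-side `accessControl` and `accessControlRoles` into `DevPortalAPI`, and nothing in the hunk says who is meant to read them. If `DevPortalAPI` is later mapped into a REST response, publisher role names would reach Developer Portal users, which the commented-out block in `DevPortalAPI` ("this won't be required") suggests was avoided before. A comment on the mapping would pin the intent, e.g. `// publisher access control is carried for server-side visibility checks only; do not copy into Dev Portal response DTOs`, with the wording to be confirmed against the consumer of these fields.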
--- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/ApisApiServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/ApisApiServiceImpl.java index 2d45e4bfc516..e0fb22302e7e 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/ApisApiServiceImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/ApisApiServiceImpl.java @@ -66,8 +66,7 @@ public Response getAllAPIs(Integer limit, Integer offset, String query, String i query = query == null ? APIConstants.CHAR_ASTERIX : query; APIProvider apiProvider = RestApiCommonUtil.getLoggedInUserProvider(); String organization = RestApiUtil.getOrganization(messageContext); - Map result = apiProvider.searchPaginatedAPIs(query, organization, offset, limit, - RestApiConstants.DEFAULT_SORT_BY, RestApiConstants.DEFAULT_SORT_ORDER); + Map result = apiProvider.searchPaginatedAPIs(query, organization, offset, limit); List apis = SearchApiServiceImplUtil.getAPIListFromAPISearchResult(result); List allMatchedResults = getAllMatchedResults(apis); resultListDTO.setApis(allMatchedResults); diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/pom.xml index ffefb98019d0..528486d99a74 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/pom.xml 
@@ -17,7 +17,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiCommonUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiCommonUtil.java index 8b073c9b4bdc..385311daa29c 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiCommonUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiCommonUtil.java @@ -573,6 +573,24 @@ public static String getSubscriptionPaginatedURLForAPIId(Integer offset, Integer return paginatedURL; } + /** + * Returns the paginated url for subscriptions + * + * @param offset starting index + * @param limit max number of objects returned + * @param groupId groupId of the Application + * @return constructed paginated url + */ + public static String getSubscriptionPaginatedURL(Integer offset, Integer limit, String groupId) { + + groupId = groupId == null ? "" : groupId; + String paginatedURL = RestApiConstants.SUBSCRIPTIONS_GET_PAGINATION_URL_APIID; + paginatedURL = paginatedURL.replace(RestApiConstants.LIMIT_PARAM, String.valueOf(limit)); + paginatedURL = paginatedURL.replace(RestApiConstants.OFFSET_PARAM, String.valueOf(offset)); + paginatedURL = paginatedURL.replace(RestApiConstants.GROUPID_PARAM, groupId); + return paginatedURL; + } + /** * Returns the paginated url for subscriptions for a particular application * diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/devportal-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/devportal-api.yaml index 993819c1a019..c6deac472695 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/devportal-api.yaml 
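Review bot: `getSubscriptionPaginatedURL` starts from `RestApiConstants.SUBSCRIPTIONS_GET_PAGINATION_URL_APIID`, a template whose name says it carries an API-id placeholder, but replaces only the limit, offset and group-id placeholders. If that template does contain an API-id token, the previous/next links built for the no-API case will be emitted with the raw placeholder in them; a template without the API id, or an explicit replacement of that token with an empty string, would avoid it. `groupId` is also substituted into the URL as-is, so a value containing `&` or `#` changes the resulting link. URL-encoding it before the `replace` would close that, and the sibling builders outside this hunk may need the same treatment.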
+++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/devportal-api.yaml @@ -5625,6 +5625,9 @@ components: type: boolean description: Specifies whether Marketplace Assistant feature is enabled. default: true + orgWideAppUpdateEnabled: + type: boolean + default: false ApplicationAttribute: title: Application attributes type: object diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml index 919a6d051230..e97ec391b818 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml @@ -130,8 +130,6 @@ paths: parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - - $ref: '#/components/parameters/sortBy' - - $ref: '#/components/parameters/sortOrder' - $ref: '#/components/parameters/requestedTenant' - name: query in: query @@ -14195,30 +14193,6 @@ components: schema: type: integer default: 0 - sortBy: - name: sortBy - in: query - description: | - Criteria for sorting. - schema: - type: string - default: createdTime - enum: - - apiName - - version - - createdTime - - status - sortOrder: - name: sortOrder - in: query - description: | - Order of sorting(ascending/descending). - schema: - type: string - default: desc - enum: - - asc - - desc If-None-Match: name: If-None-Match in: header diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/pom.xml index 3a85cef4a5b3..8b97dafdeaa9 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.dcr/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 
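Review bot: The new `orgWideAppUpdateEnabled` property is the only one in this hunk without a `description`, and the name alone does not tell an API consumer what is being widened. Since the flag appears to govern who may update an application, the schema should say so, e.g. `description: Specifies whether applications can be updated by other users of the same organization.` The wording needs confirming against the implementation, which is not part of this hunk.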
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.devops/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.devops/pom.xml index 720ed153d82e..0194bb7ac20a 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.devops/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.devops/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.gateway/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.gateway/pom.xml index 841fb8bcea5a..8374a071743c 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.gateway/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.gateway/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/pom.xml index 9d74b45f9b61..1b4b65a78b3d 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/SubscriptionMappingUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/SubscriptionMappingUtil.java index 1302fe48b205..0b6e6fc4c0e9 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/SubscriptionMappingUtil.java 
+++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/SubscriptionMappingUtil.java @@ -171,16 +171,31 @@ public static void setPaginationParams(SubscriptionListDTO subscriptionListDTO, Map paginatedParams = RestApiCommonUtil.getPaginationParams(offset, limit, size); if (paginatedParams.get(RestApiConstants.PAGINATION_PREVIOUS_OFFSET) != null) { - paginatedPrevious = RestApiCommonUtil - .getSubscriptionPaginatedURLForAPIId( - paginatedParams.get(RestApiConstants.PAGINATION_PREVIOUS_OFFSET), - paginatedParams.get(RestApiConstants.PAGINATION_PREVIOUS_LIMIT), apiId, groupId); + if (apiId != null) { + paginatedPrevious = RestApiCommonUtil + .getSubscriptionPaginatedURLForAPIId( + paginatedParams.get(RestApiConstants.PAGINATION_PREVIOUS_OFFSET), + paginatedParams.get(RestApiConstants.PAGINATION_PREVIOUS_LIMIT), apiId, groupId); + } else { + paginatedPrevious = RestApiCommonUtil + .getSubscriptionPaginatedURL( + paginatedParams.get(RestApiConstants.PAGINATION_PREVIOUS_OFFSET), + paginatedParams.get(RestApiConstants.PAGINATION_PREVIOUS_LIMIT), groupId); + } } if (paginatedParams.get(RestApiConstants.PAGINATION_NEXT_OFFSET) != null) { - paginatedNext = RestApiCommonUtil - .getSubscriptionPaginatedURLForAPIId(paginatedParams.get(RestApiConstants.PAGINATION_NEXT_OFFSET), - paginatedParams.get(RestApiConstants.PAGINATION_NEXT_LIMIT), apiId, groupId); + if (apiId != null) { + paginatedPrevious = RestApiCommonUtil + .getSubscriptionPaginatedURLForAPIId( + paginatedParams.get(RestApiConstants.PAGINATION_NEXT_OFFSET), + paginatedParams.get(RestApiConstants.PAGINATION_NEXT_LIMIT), apiId, groupId); + } else { + paginatedPrevious = RestApiCommonUtil + .getSubscriptionPaginatedURL( + paginatedParams.get(RestApiConstants.PAGINATION_NEXT_OFFSET), + paginatedParams.get(RestApiConstants.PAGINATION_NEXT_LIMIT), groupId); + } } PaginationDTO pagination = new PaginationDTO(); 
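Review bot: In the `PAGINATION_NEXT_OFFSET` block of `setPaginationParams`, both new branches assign to `paginatedPrevious`, where the removed code assigned `paginatedNext`. As written, `paginatedNext` keeps its initial value and the previous link is overwritten with the next page's URL whenever a next page exists. Both assignments in that block should begin `paginatedNext = RestApiCommonUtil`, with the existing call chain unchanged. The method continues past the end of the hunk, so how `paginatedNext` is consumed is not visible here.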
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/template/APIConfigContext.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/template/APIConfigContext.java index 4c74195a1476..43e54558ba2c 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/template/APIConfigContext.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/template/APIConfigContext.java @@ -87,6 +87,18 @@ private void setApiVelocityContext(API api, VelocityContext context) { } else { context.put("apiIsOauthProtected", Boolean.FALSE); } + //if API is secured with api_Key + if (apiSecurity != null && apiSecurity.contains(APIConstants.API_SECURITY_API_KEY)) { + context.put("apiIsApiKeyProtected", Boolean.TRUE); + } else { + context.put("apiIsApiKeyProtected", Boolean.FALSE); + } + //if API is secured with basic_auth + if (apiSecurity != null && apiSecurity.contains(APIConstants.API_SECURITY_BASIC_AUTH)) { + context.put("apiIsBasicAuthProtected", Boolean.TRUE); + } else { + context.put("apiIsBasicAuthProtected", Boolean.FALSE); + } if (api.isEnabledSchemaValidation()) { context.put("enableSchemaValidation", Boolean.TRUE); } else { diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/pom.xml index 62550d853864..01fe15fdf3a1 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 
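Review bot: The two added checks in `setApiVelocityContext` decide `apiIsApiKeyProtected` and `apiIsBasicAuthProtected` with `apiSecurity.contains(...)`. If `apiSecurity` is the comma-separated scheme string (its declaration is outside the hunk), this is a substring match, and any scheme name that merely contains the constant would switch the flag on. These flags presumably tell the generated template which authentication schemes the API enforces, so matching whole tokens is safer, e.g. `Arrays.asList(apiSecurity.split(",")).contains(APIConstants.API_SECURITY_API_KEY)`. The existing OAuth check just above the hunk may share the pattern and would need the same change.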
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApi.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApi.java index 8b3458989a54..6eafedcdaadf 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApi.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApi.java 
@@ -1193,8 +1193,8 @@ public Response getAllAPISpecificOperationPolicies(@ApiParam(value = "**API ID** @ApiResponse(code = 200, message = "OK. List of qualifying APIs is returned. ", response = APIListDTO.class), @ApiResponse(code = 304, message = "Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). ", response = Void.class), @ApiResponse(code = 406, message = "Not Acceptable. The requested media type is not supported.", response = ErrorDTO.class) }) - public Response getAllAPIs( @ApiParam(value = "Maximum size of resource array to return. ", defaultValue="25") @DefaultValue("25") @QueryParam("limit") Integer limit, @ApiParam(value = "Starting point within the complete list of items qualified. ", defaultValue="0") @DefaultValue("0") @QueryParam("offset") Integer offset, @ApiParam(value = "Criteria for sorting. ", allowableValues="apiName, version, createdTime, status", defaultValue="createdTime") @DefaultValue("createdTime") @QueryParam("sortBy") String sortBy, @ApiParam(value = "Order of sorting(ascending/descending). ", allowableValues="asc, desc", defaultValue="desc") @DefaultValue("desc") @QueryParam("sortOrder") String sortOrder, @ApiParam(value = "For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be retirieved from. " )@HeaderParam("X-WSO2-Tenant") String xWSO2Tenant, @ApiParam(value = "**Search condition**. You can search in attributes by using an **\":\"** modifier. Eg. \"provider:wso2\" will match an API if the provider of the API contains \"wso2\". \"provider:\"wso2\"\" will match an API if the provider of the API is exactly \"wso2\". \"status:PUBLISHED\" will match an API if the API is in PUBLISHED state. Also you can use combined modifiers Eg. name:pizzashack version:v1 will match an API if the name of the API is pizzashack and version is v1. 
Supported attribute modifiers are [**version, context, name, status, description, provider, api-category, tags, doc, contexttemplate, lcstate, content, type, label, enablestore, thirdparty**] If no advanced attribute modifier has been specified, the API names containing the search term will be returned as a result. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) ") @QueryParam("query") String query, @ApiParam(value = "Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. " )@HeaderParam("If-None-Match") String ifNoneMatch, @ApiParam(value = "Media types acceptable for the response. Default is application/json. " , defaultValue="application/json")@HeaderParam("Accept") String accept) throws APIManagementException{ - return delegate.getAllAPIs(limit, offset, sortBy, sortOrder, xWSO2Tenant, query, ifNoneMatch, accept, securityContext); + public Response getAllAPIs( @ApiParam(value = "Maximum size of resource array to return. ", defaultValue="25") @DefaultValue("25") @QueryParam("limit") Integer limit, @ApiParam(value = "Starting point within the complete list of items qualified. ", defaultValue="0") @DefaultValue("0") @QueryParam("offset") Integer offset, @ApiParam(value = "For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be retirieved from. " )@HeaderParam("X-WSO2-Tenant") String xWSO2Tenant, @ApiParam(value = "**Search condition**. You can search in attributes by using an **\":\"** modifier. Eg. \"provider:wso2\" will match an API if the provider of the API contains \"wso2\". \"provider:\"wso2\"\" will match an API if the provider of the API is exactly \"wso2\". \"status:PUBLISHED\" will match an API if the API is in PUBLISHED state. Also you can use combined modifiers Eg. name:pizzashack version:v1 will match an API if the name of the API is pizzashack and version is v1. 
Supported attribute modifiers are [**version, context, name, status, description, provider, api-category, tags, doc, contexttemplate, lcstate, content, type, label, enablestore, thirdparty**] If no advanced attribute modifier has been specified, the API names containing the search term will be returned as a result. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) ") @QueryParam("query") String query, @ApiParam(value = "Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. " )@HeaderParam("If-None-Match") String ifNoneMatch, @ApiParam(value = "Media types acceptable for the response. Default is application/json. " , defaultValue="application/json")@HeaderParam("Accept") String accept) throws APIManagementException{ + return delegate.getAllAPIs(limit, offset, xWSO2Tenant, query, ifNoneMatch, accept, securityContext); } @GET diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApiService.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApiService.java index 7caffe1a712f..8d7b71fe1339 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApiService.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApiService.java 
@@ -120,7 +120,7 @@ public interface ApisApiService { public Response getAPISwagger(String apiId, String ifNoneMatch, MessageContext messageContext) throws APIManagementException; public Response getAPIThumbnail(String apiId, String ifNoneMatch, MessageContext messageContext) throws APIManagementException; public Response getAllAPISpecificOperationPolicies(String apiId, Integer limit, Integer offset, String query, MessageContext messageContext) throws APIManagementException; - public Response getAllAPIs(Integer limit, Integer offset, String sortBy, String sortOrder, String xWSO2Tenant, String query, String ifNoneMatch, String accept, MessageContext messageContext) throws APIManagementException; + public Response getAllAPIs(Integer limit, Integer offset, String xWSO2Tenant, String query, String ifNoneMatch, String accept, MessageContext messageContext) throws APIManagementException; public Response getAllCommentsOfAPI(String apiId, String xWSO2Tenant, Integer limit, Integer offset, Boolean includeCommenterInfo, MessageContext messageContext) throws APIManagementException; public Response getAllPublishedExternalStoresByAPI(String apiId, String ifNoneMatch, MessageContext messageContext) throws APIManagementException; public Response getAmazonResourceNamesOfAPI(String apiId, MessageContext messageContext) throws APIManagementException; diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java index da6a6d7ab74a..07e5400ddf53 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java 
+++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java @@ -98,9 +98,8 @@ public class ApisApiServiceImpl implements ApisApiService { private static final String API_PRODUCT_TYPE = "APIPRODUCT"; @Override - public Response getAllAPIs(Integer limit, Integer offset, String sortBy, String sortOrder, String xWSO2Tenant, - String query, String ifNoneMatch, String accept, - MessageContext messageContext) { + public Response getAllAPIs(Integer limit, Integer offset, String xWSO2Tenant, String query, String ifNoneMatch, + String accept, MessageContext messageContext) { List allMatchedApis = new ArrayList<>(); Object apiListDTO; @@ -110,8 +109,6 @@ public Response getAllAPIs(Integer limit, Integer offset, String sortBy, String limit = limit != null ? limit : RestApiConstants.PAGINATION_LIMIT_DEFAULT; offset = offset != null ? offset : RestApiConstants.PAGINATION_OFFSET_DEFAULT; query = query == null ? "" : query; - sortBy = sortBy != null ? sortBy : RestApiConstants.DEFAULT_SORT_CRITERION; - sortOrder = sortOrder != null ? sortOrder : RestApiConstants.DESCENDING_SORT_ORDER; try { //revert content search back to normal search by name to avoid doc result complexity and to comply with REST api practices @@ -133,7 +130,7 @@ public Response getAllAPIs(Integer limit, Integer offset, String sortBy, String }*/ Map result; - result = apiProvider.searchPaginatedAPIs(query, organization, offset, limit, sortBy, sortOrder); + result = apiProvider.searchPaginatedAPIs(query, organization, offset, limit); Set apis = (Set) result.get("apis"); allMatchedApis.addAll(apis); 
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/SearchApiServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/SearchApiServiceImpl.java index 6ab36696dc85..27034791bae5 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/SearchApiServiceImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/SearchApiServiceImpl.java @@ -67,8 +67,7 @@ public Response search(Integer limit, Integer offset, String query, String ifNon if (query.startsWith(APIConstants.CONTENT_SEARCH_TYPE_PREFIX)) { result = apiProvider.searchPaginatedContent(query, organization, offset, limit); } else { - result = apiProvider.searchPaginatedAPIs(query, organization, offset, limit, - RestApiConstants.DEFAULT_SORT_CRITERION, RestApiConstants.DEFAULT_SORT_ORDER); + result = apiProvider.searchPaginatedAPIs(query, organization, offset, limit); } /* Above searchPaginatedAPIs method underneath calls searchPaginatedAPIsByContent method,searchPaginatedAPIs diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/WorkflowsApiServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/WorkflowsApiServiceImpl.java index 0c3f7427afee..3f1671124f24 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/WorkflowsApiServiceImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/WorkflowsApiServiceImpl.java 
@@ -117,8 +117,7 @@ public Response workflowsGet(Integer limit, Integer offset, String accept, Strin return Response.ok().entity(workflowListDTO).build(); } while (start >= 0) { - result = apiProvider.searchPaginatedAPIs(query, tenantDomain, start, start + 100, - RestApiConstants.DEFAULT_SORT_CRITERION, RestApiConstants.DESCENDING_SORT_ORDER); + result = apiProvider.searchPaginatedAPIs(query, tenantDomain, start, start + 100); Set apis = (Set) result.get("apis"); for (API api : apis) { String organization = (RestApiUtil.getOrganization(messageContext) != null) ? diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml index 919a6d051230..e97ec391b818 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml @@ -130,8 +130,6 @@ paths: parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - - $ref: '#/components/parameters/sortBy' - - $ref: '#/components/parameters/sortOrder' - $ref: '#/components/parameters/requestedTenant' - name: query in: query @@ -14195,30 +14193,6 @@ components: schema: type: integer default: 0 - sortBy: - name: sortBy - in: query - description: | - Criteria for sorting. - schema: - type: string - default: createdTime - enum: - - apiName - - version - - createdTime - - status - sortOrder: - name: sortOrder - in: query - description: | - Order of sorting(ascending/descending). - schema: - type: string - default: desc - enum: - - asc - - desc If-None-Match: name: If-None-Match in: header diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.service.catalog/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.service.catalog/pom.xml index bdcf16d79960..18c436b69cde 100644 
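Review bot: In the workflowsGet loop the fourth argument of `searchPaginatedAPIs(query, tenantDomain, start, start + 100)` looks like an end index, while the other callers touched by this commit pass `(query, organization, offset, limit)`. If that parameter is a page size, each iteration asks for a larger page than the last; `searchPaginatedAPIs(query, tenantDomain, start, 100)` would keep the page size fixed. The loop body and the update of `start` are outside the hunk, so this needs confirming against the provider's signature.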
--- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.service.catalog/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.service.catalog/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/pom.xml index d40e9b9b1393..6c503bd8aaab 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/store/v1/dto/SettingsDTO.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/store/v1/dto/SettingsDTO.java index 2c96c6462d5e..882d5d655b53 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/store/v1/dto/SettingsDTO.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/store/v1/dto/SettingsDTO.java @@ -42,6 +42,7 @@ public class SettingsDTO { private Boolean apiChatEnabled = true; private Boolean aiAuthTokenProvided = false; private Boolean marketplaceAssistantEnabled = true; + private Boolean orgWideAppUpdateEnabled = false; /** **/ 
@@ -374,6 +375,23 @@ public void setMarketplaceAssistantEnabled(Boolean marketplaceAssistantEnabled) this.marketplaceAssistantEnabled = marketplaceAssistantEnabled; } + /** + **/ + public SettingsDTO orgWideAppUpdateEnabled(Boolean orgWideAppUpdateEnabled) { + this.orgWideAppUpdateEnabled = orgWideAppUpdateEnabled; + return this; + } + + + @ApiModelProperty(value = "") + @JsonProperty("orgWideAppUpdateEnabled") + public Boolean isOrgWideAppUpdateEnabled() { + return orgWideAppUpdateEnabled; + } + public void setOrgWideAppUpdateEnabled(Boolean orgWideAppUpdateEnabled) { + this.orgWideAppUpdateEnabled = orgWideAppUpdateEnabled; + } + @Override public boolean equals(java.lang.Object o) { 
@@ -402,12 +420,13 @@ public boolean equals(java.lang.Object o) { Objects.equals(passwordPolicyMaxLength, settings.passwordPolicyMaxLength) && Objects.equals(apiChatEnabled, settings.apiChatEnabled) && Objects.equals(aiAuthTokenProvided, settings.aiAuthTokenProvided) && - Objects.equals(marketplaceAssistantEnabled, settings.marketplaceAssistantEnabled); + Objects.equals(marketplaceAssistantEnabled, settings.marketplaceAssistantEnabled) && + Objects.equals(orgWideAppUpdateEnabled, settings.orgWideAppUpdateEnabled); } @Override public int hashCode() { - return Objects.hash(grantTypes, scopes, applicationSharingEnabled, mapExistingAuthApps, apiGatewayEndpoint, monetizationEnabled, recommendationEnabled, isUnlimitedTierPaid, identityProvider, isAnonymousModeEnabled, isPasswordChangeEnabled, isJWTEnabledForLoginTokens, userStorePasswordPattern, passwordPolicyPattern, passwordPolicyMinLength, passwordPolicyMaxLength, apiChatEnabled, aiAuthTokenProvided, marketplaceAssistantEnabled); + return Objects.hash(grantTypes, scopes, applicationSharingEnabled, mapExistingAuthApps, apiGatewayEndpoint, monetizationEnabled, recommendationEnabled, isUnlimitedTierPaid, identityProvider, isAnonymousModeEnabled, isPasswordChangeEnabled, isJWTEnabledForLoginTokens, userStorePasswordPattern, passwordPolicyPattern, passwordPolicyMinLength, passwordPolicyMaxLength, apiChatEnabled, aiAuthTokenProvided, marketplaceAssistantEnabled, orgWideAppUpdateEnabled); } @Override @@ -434,6 +453,7 @@ public String toString() { sb.append(" apiChatEnabled: ").append(toIndentedString(apiChatEnabled)).append("\n"); sb.append(" aiAuthTokenProvided: ").append(toIndentedString(aiAuthTokenProvided)).append("\n"); sb.append(" marketplaceAssistantEnabled: ").append(toIndentedString(marketplaceAssistantEnabled)).append("\n"); + sb.append(" orgWideAppUpdateEnabled: ").append(toIndentedString(orgWideAppUpdateEnabled)).append("\n"); sb.append("}"); return sb.toString(); } 
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/ApisApiServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/ApisApiServiceImpl.java index c22b2114da0f..d85adec7e250 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/ApisApiServiceImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/ApisApiServiceImpl.java @@ -104,9 +104,7 @@ public Response apisGet(Integer limit, Integer offset, String xWSO2Tenant, Strin .replace(APIConstants.CONTENT_SEARCH_TYPE_PREFIX + ":", APIConstants.NAME_TYPE_PREFIX + ":"); } - Map allMatchedApisMap = apiConsumer.searchPaginatedAPIs(query, organization, offset, - limit, null, null); - + Map allMatchedApisMap = apiConsumer.searchPaginatedAPIs(query, organization, offset, limit); Set sortedSet = (Set) allMatchedApisMap.get("apis"); // This is a SortedSet ArrayList allMatchedApis = new ArrayList<>(sortedSet); diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/ApplicationsApiServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/ApplicationsApiServiceImpl.java index 61b711d67bf3..75909361e693 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/ApplicationsApiServiceImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/ApplicationsApiServiceImpl.java 
@@ -105,6 +105,7 @@ public class ApplicationsApiServiceImpl implements ApplicationsApiService { private static final Log log = LogFactory.getLog(ApplicationsApiServiceImpl.class); + boolean orgWideAppUpdateEnabled = Boolean.getBoolean(APIConstants.ORGANIZATION_WIDE_APPLICATION_UPDATE_ENABLED); /** * Retrieves all the applications that the user has access to @@ -458,7 +459,7 @@ public Response applicationsApplicationIdPut(String applicationId, ApplicationDT RestApiUtil.handleResourceNotFoundError(RestApiConstants.RESOURCE_APPLICATION, applicationId, log); } - if (!RestAPIStoreUtils.isUserOwnerOfApplication(oldApplication)) { + if (!orgWideAppUpdateEnabled && !RestAPIStoreUtils.isUserOwnerOfApplication(oldApplication)) { RestApiUtil.handleAuthorizationFailure(RestApiConstants.RESOURCE_APPLICATION, applicationId, log); } if (body.getName() != null && !body.getName().equalsIgnoreCase(oldApplication.getName())) { @@ -666,7 +667,7 @@ public Response applicationsApplicationIdApiKeysKeyTypeRevokePost(String applica org.json.JSONObject decodedBody = new org.json.JSONObject( new String(Base64.getUrlDecoder().decode(splitToken[1]))); if (application != null) { - if (RestAPIStoreUtils.isUserOwnerOfApplication(application) + if (orgWideAppUpdateEnabled || RestAPIStoreUtils.isUserOwnerOfApplication(application) || RestAPIStoreUtils.isApplicationSharedtoUser(application)) { if (decodedBody.getJSONObject(APIConstants.JwtTokenConstants.APPLICATION) != null) { org.json.JSONObject appInfo = 
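Review bot: `Boolean.getBoolean(...)` reads a JVM system property named by the constant rather than the API Manager configuration, and the result is held in a non-final, package-private instance field. SettingsMappingUtil in this same commit reports `APIUtil.isOrgWideAppUpdateEnabled()` to the portal, so if that helper reads a different source the value shown to clients and the value enforced here can disagree. Reading the flag from one place, `private final boolean orgWideAppUpdateEnabled = APIUtil.isOrgWideAppUpdateEnabled();`, with a comment stating that it relaxes the owner-only checks in this class, would keep the two aligned.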
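Review bot: With the flag on, `!orgWideAppUpdateEnabled && !RestAPIStoreUtils.isUserOwnerOfApplication(oldApplication)` in applicationsApplicationIdPut drops the ownership check without putting any other check in its place, so nothing visible here confirms that the caller belongs to the same organization as the application. The same `orgWideAppUpdateEnabled || isUserOwnerOfApplication(...)` pattern is repeated in the API-key revoke, delete, generate-keys, key-update, map-keys and OAuth-key-update hunks of this file, which cover key generation and deletion as well as updates. Unless the lookup that loads the application already scopes it to the caller's organization (not visible in these hunks), the flag should select an organization-membership check instead of no check, for example through one shared helper such as `isUserAllowedToModify(application)` that accepts the owner or, when the flag is set, a caller in the application's organization. The method bodies continue outside the hunks.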
@@ -749,7 +750,7 @@ public Response applicationsApplicationIdDelete(String applicationId, String ifM APIConsumer apiConsumer = APIManagerFactory.getInstance().getAPIConsumer(username); Application application = apiConsumer.getLightweightApplicationByUUID(applicationId); if (application != null) { - if (RestAPIStoreUtils.isUserOwnerOfApplication(application)) { + if (orgWideAppUpdateEnabled || RestAPIStoreUtils.isUserOwnerOfApplication(application)) { apiConsumer.removeApplication(application, username); if (APIConstants.ApplicationStatus.DELETE_PENDING.equals(application.getStatus())) { if (application.getId() == -1) { @@ -790,7 +791,7 @@ public Response applicationsApplicationIdGenerateKeysPost(String applicationId, } Application application = apiConsumer.getApplicationByUUID(applicationId); if (application != null) { - if (RestAPIStoreUtils.isUserOwnerOfApplication(application)) { + if (orgWideAppUpdateEnabled || RestAPIStoreUtils.isUserOwnerOfApplication(application)) { String[] accessAllowDomainsArray = {"ALL"}; JSONObject jsonParamObj = new JSONObject(); jsonParamObj.put(ApplicationConstants.OAUTH_CLIENT_USERNAME, username); @@ -1071,7 +1072,7 @@ public Response applicationsApplicationIdKeysKeyTypePut(String applicationId, St APIConsumer apiConsumer = APIManagerFactory.getInstance().getAPIConsumer(username); Application application = apiConsumer.getApplicationByUUID(applicationId); if (application != null) { - if (RestAPIStoreUtils.isUserOwnerOfApplication(application)) { + if (orgWideAppUpdateEnabled || RestAPIStoreUtils.isUserOwnerOfApplication(application)) { String grantTypes = StringUtils.join(body.getSupportedGrantTypes(), ','); JsonObject jsonParams = new JsonObject(); jsonParams.addProperty(APIConstants.JSON_GRANT_TYPES, grantTypes); 
@@ -1176,7 +1177,7 @@ public Response applicationsApplicationIdMapKeysPost(String applicationId, Appli keyManagerName = body.getKeyManager(); } if (application != null) { - if (RestAPIStoreUtils.isUserOwnerOfApplication(application)) { + if (orgWideAppUpdateEnabled || RestAPIStoreUtils.isUserOwnerOfApplication(application)) { String clientId = body.getConsumerKey(); String keyType = body.getKeyType().toString(); String tokenType = APIConstants.DEFAULT_TOKEN_TYPE; @@ -1353,7 +1354,8 @@ public Response applicationsApplicationIdOauthKeysKeyMappingIdPut(String applica } if (application != null) { ApplicationKeyDTO appKey = getApplicationKeyByAppIDAndKeyMapping(applicationId, keyMappingId); - if (RestAPIStoreUtils.isUserOwnerOfApplication(application) && appKey != null) { + if ((orgWideAppUpdateEnabled || RestAPIStoreUtils.isUserOwnerOfApplication(application)) + && appKey != null) { String grantTypes = StringUtils.join(body.getSupportedGrantTypes(), ','); JsonObject jsonParams = new JsonObject(); jsonParams.addProperty(APIConstants.JSON_GRANT_TYPES, grantTypes); diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/SearchApiServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/SearchApiServiceImpl.java index 8707ee31f411..b594da922bec 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/SearchApiServiceImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/impl/SearchApiServiceImpl.java 
@@ -70,7 +70,7 @@ public Response searchGet(Integer limit, Integer offset, String xWSO2Tenant, Str if (query.startsWith(APIConstants.CONTENT_SEARCH_TYPE_PREFIX)) { result = apiConsumer.searchPaginatedContent(query, organization, offset, limit); } else { - result = apiConsumer.searchPaginatedAPIs(query, organization, offset, limit, null, null); + result = apiConsumer.searchPaginatedAPIs(query, organization, offset, limit); } ArrayList apis; diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/mappings/SettingsMappingUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/mappings/SettingsMappingUtil.java index b5206110e7b4..edf37d1a30ad 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/mappings/SettingsMappingUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/mappings/SettingsMappingUtil.java @@ -64,6 +64,7 @@ public SettingsDTO fromSettingstoDTO(Boolean isUserAvailable, Boolean moneatizat settingsDTO.setRecommendationEnabled(recommendationEnabled); settingsDTO.setMapExistingAuthApps(APIUtil.isMapExistingAuthAppsEnabled()); settingsDTO.setMonetizationEnabled(moneatizationEnabled); + settingsDTO.setOrgWideAppUpdateEnabled(APIUtil.isOrgWideAppUpdateEnabled()); SettingsIdentityProviderDTO identityProviderDTO = new SettingsIdentityProviderDTO(); identityProviderDTO.setExternal(APIUtil.getIdentityProviderConfig() != null); settingsDTO.setIdentityProvider(identityProviderDTO); diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml index 993819c1a019..c6deac472695 100644 
--- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml @@ -5625,6 +5625,9 @@ components: type: boolean description: Specifies whether Marketplace Assistant feature is enabled. default: true + orgWideAppUpdateEnabled: + type: boolean + default: false ApplicationAttribute: title: Application attributes type: object diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/pom.xml index 81cc85baac37..e2c2ae1c95af 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/pom.xml @@ -17,7 +17,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/interceptors/auth/BasicAuthenticationInterceptor.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/interceptors/auth/BasicAuthenticationInterceptor.java index 99aa067d3479..764658a9dc25 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/interceptors/auth/BasicAuthenticationInterceptor.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/interceptors/auth/BasicAuthenticationInterceptor.java 
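Review bot: The new `orgWideAppUpdateEnabled` property has no `description`, unlike the Marketplace Assistant property just above it, and the generated DTO ends up with `@ApiModelProperty(value = "")`. Since the flag changes who may modify an application, the schema should say so, for example `description: Specifies whether users other than the owner are allowed to update an application.`, with the wording adjusted to the exact scope the server enforces.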
@@ -26,8 +26,10 @@ import org.apache.cxf.message.Message; import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; +import org.wso2.carbon.apimgt.api.APIManagementException; import org.wso2.carbon.apimgt.api.model.Scope; import org.wso2.carbon.apimgt.api.model.URITemplate; +import org.wso2.carbon.apimgt.impl.APIConstants; import org.wso2.carbon.apimgt.impl.utils.APIUtil; import org.wso2.carbon.apimgt.impl.utils.RealmUtil; import org.wso2.carbon.apimgt.rest.api.common.RestApiCommonUtil; @@ -46,6 +48,8 @@ import java.util.ArrayList; import java.util.Arrays; +import java.util.Dictionary; +import java.util.Enumeration; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -87,6 +91,14 @@ public void handleMessage(Message inMessage) { if (policy != null) { inMessage.put(RestApiConstants.REQUEST_AUTHENTICATION_SCHEME, RestApiConstants.BASIC_AUTHENTICATION); //Extract user credentials from the auth header and validate. + String path = (String) inMessage.get(Message.PATH_INFO); + String httpMethod = (String) inMessage.get(Message.HTTP_REQUEST_METHOD); + if (isBasicAuthBlockedURI(path, httpMethod)) { + log.error("Requested URI:" + path + " with HTTP method: " + httpMethod + + " is not allowed with Basic Authentication"); + throw new AuthenticationException("Unauthenticated request"); + } + String username = StringUtils.trim(policy.getUserName()); String password = StringUtils.trim(policy.getPassword()); if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) { 
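Review bot: The rejection added to handleMessage logs the request path at error level by plain concatenation, `log.error("Requested URI:" + path + ...)`, so any client can fill the error log at will and the path is written unsanitised. A blocked request is an expected client condition; `log.warn` with CR/LF stripped from `path` would fit better. `path` is also handed to isBasicAuthBlockedURI without a null check while that method calls `path.contains(...)`; whether `Message.PATH_INFO` can be null at this point is not visible. handleMessage continues outside the hunk.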
@@ -306,4 +318,40 @@ private boolean validateUserRolesWithRESTAPIScopes(List resourceScopeList return false; } + /** + * This method will check if the requested URI is allowed to access with Basic Authentication + * + * @param path Requested URI path + * @param httpMethod HTTP Method + * @return true if the requested URI is not allowed with Basic Authentication + */ + private boolean isBasicAuthBlockedURI(String path, String httpMethod) { + Dictionary> blockedResourcePathsMap; + if (path.contains(APIConstants.RestApiConstants.REST_API_OLD_VERSION)) { + path = path.replace("/" + APIConstants.RestApiConstants.REST_API_OLD_VERSION, ""); + } + + //Check if the accessing URI is Basic Auth allowed and then authorization is failed if not. + try { + blockedResourcePathsMap = RestApiUtil.getBasicAuthBlockedURIsToMethodsMap(); + Enumeration uriTemplateSet = blockedResourcePathsMap.keys(); + + while (uriTemplateSet.hasMoreElements()) { + org.wso2.uri.template.URITemplate uriTemplate = uriTemplateSet.nextElement(); + if (uriTemplate.matches(path, new HashMap())) { + List blockedVerbs = blockedResourcePathsMap.get(uriTemplate); + if (blockedVerbs.contains(httpMethod)) { + return true; + } + } + } + + return false; + } catch (APIManagementException e) { + RestApiUtil + .handleInternalServerError("Unable to retrieve/process " + + "Basic Auth blocked URIs for REST API", e, log); + } + return false; + } } diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/utils/RestApiUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/utils/RestApiUtil.java index 2ce4659f34f2..d0f025e61e94 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/utils/RestApiUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/utils/RestApiUtil.java 
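Review bot: isBasicAuthBlockedURI fails open when the block list cannot be loaded, because the catch calls `RestApiUtil.handleInternalServerError(...)` and then falls through to `return false;`, so the request is treated as not blocked if that helper ever returns normally. Rejecting in the catch, `throw new AuthenticationException("Unauthenticated request");`, makes the failure mode explicit. The version prefix is removed with `path.contains(...)` and `path.replace(...)`, which rewrites the segment anywhere in the path and not only at the start; anchoring it to the prefix would avoid matching a different path than the one that is later routed. `blockedVerbs.contains(httpMethod)` is case- and whitespace-sensitive, which depends on how the configured methods are parsed.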
@@ -85,6 +85,7 @@ public class RestApiUtil { public static final Log log = LogFactory.getLog(RestApiUtil.class); private static Dictionary> uriToHttpMethodsMap; + private static Dictionary> basicAuthBlockedUriToHttpMethodsMap; private static Dictionary> ETagSkipListURIToHttpMethodsMap; public static ErrorDTO getConstraintViolationErrorDTO(Set> violations) { 
@@ -1094,6 +1095,67 @@ public static Dictionary> getAll return uriToHttpMethodsMap; } + /** + * Returns the Basic Auth Blocked URIs and associated HTTP methods for REST API + * by reading api-manager.xml configuration + * + * @return A Dictionary with the Basic Auth Blocked URIs and the associated HTTP methods. + * @throws APIManagementException + */ + private static Dictionary> getBasicAuthBlockedURIsMapFromConfig() + throws APIManagementException { + Dictionary> uriToMethodsMap = new Hashtable<>(); + APIManagerConfiguration apiManagerConfiguration = ServiceReferenceHolder.getInstance() + .getAPIManagerConfigurationService().getAPIManagerConfiguration(); + List uriList = apiManagerConfiguration + .getProperty(APIConstants.API_RESTAPI_BASIC_AUTH_BLOCKED_URI_URI); + List methodsList = apiManagerConfiguration + .getProperty(APIConstants.API_RESTAPI_BASIC_AUTH_BLOCKED_URI_HTTPMethods); + + if (uriList != null && methodsList != null) { + if (uriList.size() != methodsList.size()) { + String errorMsg = "Provided Basic Auth Blocked URIs for REST API are invalid." + + " Every 'BasicAuthAllowedURI' should include 'URI' and 'HTTPMethods' elements"; + log.error(errorMsg); + return new Hashtable<>(); + } + + for (int i = 0; i < uriList.size(); i++) { + String uri = uriList.get(i); + uri = uri.replace("/{version}", ""); + try { + org.wso2.uri.template.URITemplate uriTemplate = new org.wso2.uri.template.URITemplate(uri); + String methodsForUri = methodsList.get(i); + List methodListForUri = Arrays.asList(methodsForUri.split(",")); + uriToMethodsMap.put(uriTemplate, methodListForUri); + } catch (URITemplateException e) { + String msg = "Error in parsing URI " + uri + + " when retrieving Basic Auth Blocked URIs for REST API"; + log.error(msg, e); + throw new APIManagementException(msg, e); + } + } + } + return uriToMethodsMap; + } + + /** + * Returns the Basic Auth Blocked URIs and associated HTTP methods for REST API. 
If not already read before, reads + * api-manager.xml configuration, store the results in a static reference and returns the results. + * Otherwise, returns previously stored the static reference object. + * + * @return A Dictionary with the Basic Auth Allowed URIs and the associated HTTP methods. + * @throws APIManagementException + */ + public static Dictionary> getBasicAuthBlockedURIsToMethodsMap() + throws APIManagementException { + + if (basicAuthBlockedUriToHttpMethodsMap == null) { + basicAuthBlockedUriToHttpMethodsMap = getBasicAuthBlockedURIsMapFromConfig(); + } + return basicAuthBlockedUriToHttpMethodsMap; + } + /** * @param message CXF message to be extract auth header * @param pattern Pattern to extract access token diff --git a/components/apimgt/org.wso2.carbon.apimgt.solace/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.solace/pom.xml index f73ce368c081..208b160e105b 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.solace/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.solace/pom.xml @@ -3,7 +3,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.throttle.policy.deployer/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.throttle.policy.deployer/pom.xml index 79b9b943511a..a3c0fa2338cf 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.throttle.policy.deployer/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.throttle.policy.deployer/pom.xml @@ -19,7 +19,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT 4.0.0 bundle diff --git a/components/apimgt/org.wso2.carbon.apimgt.throttling.siddhi.extension/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.throttling.siddhi.extension/pom.xml index eeaa7182cefd..8dd38d4d3fb2 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.throttling.siddhi.extension/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.throttling.siddhi.extension/pom.xml 
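Review bot: In getBasicAuthBlockedURIsMapFromConfig a mismatch between the number of URI and HTTPMethods entries only logs and returns an empty table, which getBasicAuthBlockedURIsToMethodsMap then caches, so a configuration mistake silently turns the whole block list off. Throwing instead, `throw new APIManagementException(errorMsg);`, would surface the problem; the message also names 'BasicAuthAllowedURI' and the second Javadoc says "Basic Auth Allowed URIs" although this list is the blocked one. The methods are split with `methodsForUri.split(",")` without trimming and are later compared with `contains(httpMethod)`, so an entry written as `GET, POST` would not match POST; trimming and upper-casing each element avoids that.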
@@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.tokenmgt/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.tokenmgt/pom.xml index 3e8b91bc00a5..7754a6396824 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.tokenmgt/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.tokenmgt/pom.xml @@ -16,7 +16,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/org.wso2.carbon.apimgt.tokenmgt/src/main/java/org/wso2/carbon/apimgt/tokenmgt/listeners/KeyManagerUserOperationListener.java b/components/apimgt/org.wso2.carbon.apimgt.tokenmgt/src/main/java/org/wso2/carbon/apimgt/tokenmgt/listeners/KeyManagerUserOperationListener.java index 033208a79812..05bdbdbc8f23 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.tokenmgt/src/main/java/org/wso2/carbon/apimgt/tokenmgt/listeners/KeyManagerUserOperationListener.java +++ b/components/apimgt/org.wso2.carbon.apimgt.tokenmgt/src/main/java/org/wso2/carbon/apimgt/tokenmgt/listeners/KeyManagerUserOperationListener.java @@ -176,6 +176,18 @@ public boolean doPreUpdateRoleListOfUser(String username, String[] deletedRoles, return true; } + @Override + public boolean doPreUpdateInternalRoleListOfUser(String userName, String[] deletedRoles, + String[] newRoles, + UserStoreManager userStoreManager) { + + if (!isEnable()) { + return true; + } + APIUtil.clearRoleCache(getUserName(userName, userStoreManager)); + return true; + } + @Override public boolean doPreUpdateUserListOfRole(String roleName, String[] deletedUsers, String[] newUsers, UserStoreManager userStoreManager) { diff --git a/components/apimgt/org.wso2.carbon.apimgt.tracing/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.tracing/pom.xml index c8261ee82635..fde9c2523066 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.tracing/pom.xml +++ b/components/apimgt/org.wso2.carbon.apimgt.tracing/pom.xml 
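Review bot: doPreUpdateInternalRoleListOfUser clears the role cache before the role change is applied, so a request arriving between `APIUtil.clearRoleCache(...)` and the actual update could repopulate the cache with the old roles and leave a removed role effective until the entry expires. This mirrors the existing doPreUpdateRoleListOfUser, so it may be an accepted trade-off, but clearing again in the corresponding post-update hook, if the listener interface offers one, would close the window. A short Javadoc such as `/** Clears the cached roles of the user when internal roles are about to change. */` would also help, since the unused `deletedRoles` and `newRoles` parameters otherwise look like an oversight.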
@@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/components/apimgt/pom.xml b/components/apimgt/pom.xml index 5bbf8f6a037e..a37fb62d69b4 100644 --- a/components/apimgt/pom.xml +++ b/components/apimgt/pom.xml @@ -19,7 +19,7 @@ org.wso2.carbon.apimgt carbon-apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../../pom.xml diff --git a/components/apimgt/samples/org.wso2.carbon.apimgt.samples.calculator/pom.xml b/components/apimgt/samples/org.wso2.carbon.apimgt.samples.calculator/pom.xml index 47fb83bcd7ec..a5ff3bf7a201 100644 --- a/components/apimgt/samples/org.wso2.carbon.apimgt.samples.calculator/pom.xml +++ b/components/apimgt/samples/org.wso2.carbon.apimgt.samples.calculator/pom.xml @@ -19,7 +19,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../../pom.xml diff --git a/components/apimgt/samples/org.wso2.carbon.apimgt.samples.pizzashack/pom.xml b/components/apimgt/samples/org.wso2.carbon.apimgt.samples.pizzashack/pom.xml index 1f46dc810913..43d95a588b82 100644 --- a/components/apimgt/samples/org.wso2.carbon.apimgt.samples.pizzashack/pom.xml +++ b/components/apimgt/samples/org.wso2.carbon.apimgt.samples.pizzashack/pom.xml @@ -20,7 +20,7 @@ apimgt org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.cache.invalidation.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.cache.invalidation.feature/pom.xml index e5a3f216b2a0..ac189355969d 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.cache.invalidation.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.cache.invalidation.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.core.feature/pom.xml index 5c9abb4038f4..b6afb4db337e 100644 
--- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/org.wso2.carbon.apimgt.core.default.json b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/org.wso2.carbon.apimgt.core.default.json index 8650827e723d..2dbb5660b2ea 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/org.wso2.carbon.apimgt.core.default.json +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/org.wso2.carbon.apimgt.core.default.json @@ -22,6 +22,7 @@ "apim.gateway_type": "Regular", "apim.enable_secure_vault": "false", "apim.jwt.enable": false, + "apim.jwt.enable_jwks_api": true, "apim.jwt.header": "X-JWT-Assertion", "apim.jwt.claim_dialect": "http://wso2.org/claims", "apim.jwt.convert_dialect": false, diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/templates/repository/conf/api-manager.xml.j2 b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/templates/repository/conf/api-manager.xml.j2 index 86e7b7d51648..81338d4f3788 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/templates/repository/conf/api-manager.xml.j2 +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/templates/repository/conf/api-manager.xml.j2 @@ -36,7 +36,8 @@ {{apim.jwt.enable}} - + + {{apim.jwt.enable_jwks_api}} {{apim.jwt.header}} 
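Review bot: `apim.jwt.enable_jwks_api` defaults to `true` in `org.wso2.carbon.apimgt.core.default.json` while `apim.jwt.enable` directly above it defaults to `false`, and neither hunk says whether the two are meant to be independent. Judging by its name the flag decides whether the JWKS endpoint is served, so with these defaults it would stay published on installations that never enable JWT generation. If other components rely on that endpoint the default is reasonable, but the line in `api-manager.xml.j2` that renders `{{apim.jwt.enable_jwks_api}}` should then carry a comment such as `<!-- Serves the JWKS endpoint; independent of apim.jwt.enable, default true -->`. The element names around the placeholder are not visible in this rendering of the template hunk, so the exact placement is left to the author.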
@@ -873,6 +874,17 @@ POST + + + {% if apim.rest_api.basic_auth_blocked_uri is defined %} + {% for uri in apim.rest_api.basic_auth_blocked_uri %} + + {{uri.uri_path}} + {{uri.http_method}} + + {% endfor %} + {% endif %} + /api/am/devportal/{version}/apis diff --git a/features/apimgt/org.wso2.carbon.apimgt.eventing.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.eventing.feature/pom.xml index 689aaabac4ed..93884eaac710 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.eventing.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.eventing.feature/pom.xml @@ -20,7 +20,7 @@ apimgt-feature org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.eventing.hub.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.eventing.hub.feature/pom.xml index 91f58d81fd26..3c5ce1f2b36d 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.eventing.hub.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.eventing.hub.feature/pom.xml @@ -20,7 +20,7 @@ apimgt-feature org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.feature/pom.xml index 26d0210a9d77..fb40e35f2920 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.gateway.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.gateway.feature/pom.xml index aab5b3a6777c..ec36bfa2677c 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.gateway.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.gateway.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 
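Review bot: `{{uri.uri_path}}` and `{{uri.http_method}}` are written into the XML with no escaping and no presence check, so an entry that omits `http_method`, or a path containing `&` or `<`, yields an empty or malformed element in the generated `api-manager.xml`. Judging by the key name, `apim.rest_api.basic_auth_blocked_uri` is a deny list for Basic Auth, so a rule that silently fails to load would leave that resource reachable with Basic Auth; how the reader treats an empty element is outside this hunk. I would escape both values if the template engine provides the usual filter, e.g. `{{uri.uri_path | e}}`, and add a comment above the loop such as `<!-- each basic_auth_blocked_uri entry must set both uri_path and http_method -->`. The names of the enclosing elements are not visible in this rendering of the hunk.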
diff --git a/features/apimgt/org.wso2.carbon.apimgt.internal.service.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.internal.service.feature/pom.xml index e891358d76a8..cade9b3c83f6 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.internal.service.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.internal.service.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.jms.listener.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.jms.listener.feature/pom.xml index aab706d099e0..ca795ecc5b07 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.jms.listener.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.jms.listener.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.keymanager.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.keymanager.feature/pom.xml index 72739de0dd75..e58fbb0b4be6 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.keymanager.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.keymanager.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.persistence.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.persistence.feature/pom.xml index f761cb28b15c..f3d2adbdd394 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.persistence.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.persistence.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.rest.api.admin.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.rest.api.admin.feature/pom.xml index a674b9777685..76133be8556d 100644 
--- a/features/apimgt/org.wso2.carbon.apimgt.rest.api.admin.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.rest.api.admin.feature/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.rest.api.dcr.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.rest.api.dcr.feature/pom.xml index 8071528ad308..1469e71f80fc 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.rest.api.dcr.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.rest.api.dcr.feature/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.rest.api.devops.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.rest.api.devops.feature/pom.xml index 246178c63e94..0f944a766203 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.rest.api.devops.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.rest.api.devops.feature/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.rest.api.gateway.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.rest.api.gateway.feature/pom.xml index 2a23b15cbb32..9de5046b8e67 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.rest.api.gateway.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.rest.api.gateway.feature/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.feature/pom.xml index 08aee2acb6c9..3289002f3aad 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.feature/pom.xml 
@@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.rest.api.service.catalog.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.rest.api.service.catalog.feature/pom.xml index 596b86fb1790..c8cd248be17b 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.rest.api.service.catalog.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.rest.api.service.catalog.feature/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.rest.api.store.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.rest.api.store.feature/pom.xml index 5870d6120e32..92b94fcc19ea 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.rest.api.store.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.rest.api.store.feature/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.scxml.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.scxml.feature/pom.xml index 649b2d4de321..d9cc6df71429 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.scxml.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.scxml.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.throttle.policy.deployer.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.throttle.policy.deployer.feature/pom.xml index 39f8d6517bb5..ba922489ecab 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.throttle.policy.deployer.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.throttle.policy.deployer.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml 
diff --git a/features/apimgt/org.wso2.carbon.apimgt.throttling.siddhi.extension.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.throttling.siddhi.extension.feature/pom.xml index 3d657f66e7c6..9bb16a1ae12d 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.throttling.siddhi.extension.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.throttling.siddhi.extension.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.tokenmgt.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.tokenmgt.feature/pom.xml index 78028ca01e86..532abe825c26 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.tokenmgt.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.tokenmgt.feature/pom.xml @@ -20,7 +20,7 @@ org.wso2.carbon.apimgt apimgt-feature - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/features/apimgt/org.wso2.carbon.apimgt.tracing.feature/pom.xml b/features/apimgt/org.wso2.carbon.apimgt.tracing.feature/pom.xml index 072fc3291169..ad55c733fb35 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.tracing.feature/pom.xml +++ b/features/apimgt/org.wso2.carbon.apimgt.tracing.feature/pom.xml @@ -21,7 +21,7 @@ apimgt-feature org.wso2.carbon.apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT 4.0.0 diff --git a/features/apimgt/pom.xml b/features/apimgt/pom.xml index f8dab6a4dcea..7211a475c52f 100644 --- a/features/apimgt/pom.xml +++ b/features/apimgt/pom.xml @@ -19,7 +19,7 @@ org.wso2.carbon.apimgt carbon-apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../../pom.xml diff --git a/pom.xml b/pom.xml index e616328ef85c..4512d6d28ff4 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.apimgt carbon-apimgt pom - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT WSO2 Carbon - API Management Aggregator POM https://wso2.org @@ -2018,7 +2018,7 @@ 1.3 - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT [9.0.0, 10.0.0) 
@@ -2112,7 +2112,7 @@ [1.6.0, 2.0.0) - 4.0.0-wso2v131 + 4.0.0-wso2v152 3.0.0.wso2v1 @@ -2129,7 +2129,7 @@ [5.1,6) - 1.1.0 + 1.2.0 0.0.0 [1.0.1, 1.1.0) diff --git a/service-stubs/apimgt/org.wso2.carbon.apimgt.keymgt.stub/pom.xml b/service-stubs/apimgt/org.wso2.carbon.apimgt.keymgt.stub/pom.xml index 93e8e2e8fae6..067f18ef359c 100644 --- a/service-stubs/apimgt/org.wso2.carbon.apimgt.keymgt.stub/pom.xml +++ b/service-stubs/apimgt/org.wso2.carbon.apimgt.keymgt.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.apimgt apimgt-stubs - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../pom.xml diff --git a/service-stubs/apimgt/pom.xml b/service-stubs/apimgt/pom.xml index 722423e0f04d..f50d3a636dbb 100644 --- a/service-stubs/apimgt/pom.xml +++ b/service-stubs/apimgt/pom.xml @@ -19,7 +19,7 @@ org.wso2.carbon.apimgt carbon-apimgt - 9.30.83-SNAPSHOT + 9.30.101-SNAPSHOT ../../pom.xml