Modify database queries and resource paths

components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/gateway/GatewayAPIDTO.java

@@ -44,8 +44,10 @@ public class GatewayAPIDTO implements Serializable {
     private String[] sequencesToBeRemove;
     private GatewayContentDTO[] localEntriesToBeAdd;
     private String[] localEntriesToBeRemove;
-    private GatewayContentDTO[] clientCertificatesToBeAdd;
-    private String[] clientCertificatesToBeRemove;
+    private GatewayContentDTO[] productionClientCertificatesToBeAdd;
+    private GatewayContentDTO[] sandboxClientCertificatesToBeAdd;
+    private String[] productionClientCertificatesToBeRemove;
+    private String[] sandboxClientCertificatesToBeRemove;
     private GatewayContentDTO[] endpointEntriesToBeAdd;
     private String[] endpointEntriesToBeRemove;
     private CredentialDto[] credentialsToBeAdd ;
@@ -151,24 +153,36 @@ public void setLocalEntriesToBeRemove(String[] localEntriesToBeRemove) {
         this.localEntriesToBeRemove = localEntriesToBeRemove;
     }
 
-    public GatewayContentDTO[] getClientCertificatesToBeAdd() {
+    public GatewayContentDTO[] getProductionClientCertificatesToBeAdd() {
+        return productionClientCertificatesToBeAdd;
+    }
 
-        return clientCertificatesToBeAdd;
+    public void setProductionClientCertificatesToBeAdd(GatewayContentDTO[] productionClientCertificatesToBeAdd) {
+        this.productionClientCertificatesToBeAdd = productionClientCertificatesToBeAdd;
     }
 
-    public void setClientCertificatesToBeAdd(GatewayContentDTO[] clientCertificatesToBeAdd) {
+    public GatewayContentDTO[] getSandboxClientCertificatesToBeAdd() {
+        return sandboxClientCertificatesToBeAdd;
+    }
 
-        this.clientCertificatesToBeAdd = clientCertificatesToBeAdd;
+    public void setSandboxClientCertificatesToBeAdd(GatewayContentDTO[] sandboxClientCertificatesToBeAdd) {
+        this.sandboxClientCertificatesToBeAdd = sandboxClientCertificatesToBeAdd;
     }
 
-    public String[] getClientCertificatesToBeRemove() {
+    public String[] getProductionClientCertificatesToBeRemove() {
+        return productionClientCertificatesToBeRemove;
+    }
 
-        return clientCertificatesToBeRemove;
+    public void setProductionClientCertificatesToBeRemove(String[] productionClientCertificatesToBeRemove) {
+        this.productionClientCertificatesToBeRemove = productionClientCertificatesToBeRemove;
     }
 
-    public void setClientCertificatesToBeRemove(String[] clientCertificatesToBeRemove) {
+    public String[] getSandboxClientCertificatesToBeRemove() {
+        return sandboxClientCertificatesToBeRemove;
+    }
 
-        this.clientCertificatesToBeRemove = clientCertificatesToBeRemove;
+    public void setSandboxClientCertificatesToBeRemove(String[] sandboxClientCertificatesToBeRemove) {
+        this.sandboxClientCertificatesToBeRemove = sandboxClientCertificatesToBeRemove;
     }
 
     public GatewayContentDTO[] getEndpointEntriesToBeAdd() {

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java

@@ -355,7 +355,9 @@ private void unDeployAPI(APIGatewayAdmin apiGatewayAdmin, DeployAPIInGatewayEven
                         GatewayUtils
                                 .addStringToList(gatewayEvent.getUuid(), gatewayAPIDTO.getLocalEntriesToBeRemove()));
                 apiGatewayAdmin.unDeployAPI(gatewayAPIDTO);
-                DataHolder.getInstance().getApiToCertificatesMap().remove(gatewayEvent.getUuid());
+                DataHolder.getInstance().getApiToProductionCertificatesMap().remove(gatewayEvent.getUuid());
+                DataHolder.getInstance().getApiToSandboxCertificatesMap().remove(gatewayEvent.getUuid());
+
                 DataHolder.getInstance().removeKeyManagerToAPIMapping(gatewayAPIDTO.getApiId());
             }
     }
@@ -419,13 +421,21 @@ private void addDeployedCertificatesToAPIAssociation(GatewayAPIDTO gatewayAPIDTO
 
         if (gatewayAPIDTO != null) {
             String apiId = gatewayAPIDTO.getApiId();
-            List<String> aliasList = new ArrayList<>();
-            if (gatewayAPIDTO.getClientCertificatesToBeAdd() != null) {
-                for (GatewayContentDTO gatewayContentDTO : gatewayAPIDTO.getClientCertificatesToBeAdd()) {
-                    aliasList.add(gatewayContentDTO.getName());
+            List<String> productionAliasList = new ArrayList<>();
+            if (gatewayAPIDTO.getProductionClientCertificatesToBeAdd() != null) {
+                for (GatewayContentDTO gatewayContentDTO : gatewayAPIDTO.getProductionClientCertificatesToBeAdd()) {
+                    productionAliasList.add(gatewayContentDTO.getName());
+                }
+            }
+            DataHolder.getInstance().addApiToProductionAliasList(apiId, productionAliasList);
+
+            List<String> sandboxAliasList = new ArrayList<>();
+            if (gatewayAPIDTO.getSandboxClientCertificatesToBeAdd() != null) {
+                for (GatewayContentDTO gatewayContentDTO : gatewayAPIDTO.getSandboxClientCertificatesToBeAdd()) {
+                    sandboxAliasList.add(gatewayContentDTO.getName());
                 }
             }
-            DataHolder.getInstance().addApiToAliasList(apiId, aliasList);
+            DataHolder.getInstance().addApiToSandboxAliasList(apiId, sandboxAliasList);
         }
     }
 
@@ -450,9 +460,14 @@ private void setClientCertificatesToRemoveIntoGatewayDTO(GatewayAPIDTO gatewayDT
 
         if (gatewayDTO != null) {
             if (StringUtils.isNotEmpty(gatewayDTO.getApiId())) {
-                List<String> certificateAliasListForAPI =
-                        DataHolder.getInstance().getCertificateAliasListForAPI(gatewayDTO.getApiId());
-                gatewayDTO.setClientCertificatesToBeRemove(certificateAliasListForAPI.toArray(new String[0]));
+                List<String> productionCertificateAliasListForAPI =
+                        DataHolder.getInstance().getProductionCertificateAliasListForAPI(gatewayDTO.getApiId());
+                gatewayDTO.setProductionClientCertificatesToBeRemove(productionCertificateAliasListForAPI.toArray(new String[0]));
+            }
+            if (StringUtils.isNotEmpty(gatewayDTO.getApiId())) {
+                List<String> sandboxCertificateAliasListForAPI =
+                        DataHolder.getInstance().getSandboxCertificateAliasListForAPI(gatewayDTO.getApiId());
+                gatewayDTO.setSandboxClientCertificatesToBeRemove(sandboxCertificateAliasListForAPI.toArray(new String[0]));
             }
         }
     }

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/internal/DataHolder.java

@@ -39,7 +39,8 @@
 public class DataHolder {
     private static final Log log  = LogFactory.getLog(DataHolder.class);
     private static final DataHolder Instance = new DataHolder();
-    private Map<String, List<String>> apiToCertificatesMap = new HashMap();
+    private Map<String, List<String>> apiToProductionCertificatesMap = new HashMap();
+    private Map<String, List<String>> apiToSandboxCertificatesMap = new HashMap();
     private Map<String, String> googleAnalyticsConfigMap = new HashMap<>();
     private Map<String, GraphQLSchemaDTO> apiToGraphQLSchemaDTOMap = new HashMap<>();
     private Map<String, List<String>> apiToKeyManagersMap = new HashMap<>();
@@ -51,29 +52,42 @@ private DataHolder() {
         initializeTenantDeploymentStatusMap();
     }
 
-    public Map<String, List<String>> getApiToCertificatesMap() {
+    public Map<String, List<String>> getApiToProductionCertificatesMap() {
+        return apiToProductionCertificatesMap;
+    }
 
-        return apiToCertificatesMap;
+    public void setApiToProductionCertificatesMap(Map<String, List<String>> apiToProductionCertificatesMap) {
+        this.apiToProductionCertificatesMap = apiToProductionCertificatesMap;
     }
 
-    public void setApiToCertificatesMap(Map<String, List<String>> apiToCertificatesMap) {
+    public Map<String, List<String>> getApiToSandboxCertificatesMap() {
+        return apiToSandboxCertificatesMap;
+    }
 
-        this.apiToCertificatesMap = apiToCertificatesMap;
+    public void setApiToSandboxCertificatesMap(Map<String, List<String>> apiToSandboxCertificatesMap) {
+        this.apiToSandboxCertificatesMap = apiToSandboxCertificatesMap;
     }
 
     public static DataHolder getInstance() {
 
         return Instance;
     }
+    public void addApiToProductionAliasList(String apiId, List<String> aliasList) {
 
-    public void addApiToAliasList(String apiId, List<String> aliasList) {
+        apiToProductionCertificatesMap.put(apiId, aliasList);
+    }
+    public void addApiToSandboxAliasList(String apiId, List<String> aliasList) {
 
-        apiToCertificatesMap.put(apiId, aliasList);
+        apiToSandboxCertificatesMap.put(apiId, aliasList);
     }
 
-    public List<String> getCertificateAliasListForAPI(String apiId) {
+    public List<String> getProductionCertificateAliasListForAPI(String apiId) {
+
+        return apiToProductionCertificatesMap.getOrDefault(apiId, Collections.emptyList());
+    }
+    public List<String> getSandboxCertificateAliasListForAPI(String apiId) {
 
-        return apiToCertificatesMap.getOrDefault(apiId, Collections.emptyList());
+        return apiToSandboxCertificatesMap.getOrDefault(apiId, Collections.emptyList());
     }
 
     public void addGoogleAnalyticsConfig(String tenantDomain, String config) {

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/service/APIGatewayAdmin.java

@@ -708,9 +708,16 @@ public boolean deployAPI(GatewayAPIDTO gatewayAPIDTO) throws AxisFault {
         }
 
         // Add Client Certificates
-        if (gatewayAPIDTO.getClientCertificatesToBeAdd() != null) {
+        if (gatewayAPIDTO.getProductionClientCertificatesToBeAdd() != null) {
             synchronized (certificateManager) {
-                for (GatewayContentDTO certificate : gatewayAPIDTO.getClientCertificatesToBeAdd()) {
+                for (GatewayContentDTO certificate : gatewayAPIDTO.getProductionClientCertificatesToBeAdd()) {
+                    certificateManager.addClientCertificateToGateway(certificate.getContent(), certificate.getName());
+                }
+            }
+        }
+        if (gatewayAPIDTO.getSandboxClientCertificatesToBeAdd() != null) {
+            synchronized (certificateManager) {
+                for (GatewayContentDTO certificate : gatewayAPIDTO.getSandboxClientCertificatesToBeAdd()) {
                     certificateManager.addClientCertificateToGateway(certificate.getContent(), certificate.getName());
                 }
             }
@@ -852,9 +859,16 @@ private void unDeployAPI(SequenceAdminServiceProxy sequenceAdminServiceProxy,
         }
 
         // Remove clientCertificates
-        if (gatewayAPIDTO.getClientCertificatesToBeRemove() != null) {
+        if (gatewayAPIDTO.getProductionClientCertificatesToBeRemove() != null) {
+            synchronized (certificateManager) {
+                for (String alias : gatewayAPIDTO.getProductionClientCertificatesToBeRemove()) {
+                    certificateManager.deleteClientCertificateFromGateway(alias);
+                }
+            }
+        }
+        if (gatewayAPIDTO.getSandboxClientCertificatesToBeRemove() != null) {
             synchronized (certificateManager) {
-                for (String alias : gatewayAPIDTO.getClientCertificatesToBeRemove()) {
+                for (String alias : gatewayAPIDTO.getSandboxClientCertificatesToBeRemove()) {
                     certificateManager.deleteClientCertificateFromGateway(alias);
                 }
             }

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/certificatemgt/CertificateManager.java

@@ -203,6 +203,7 @@ ResponseCode deleteClientCertificateFromParentNode(Identifier apiIdentifier, Str
      * Method to add client certificate to gateway nodes.
      *
      * @param certificate : The Base64 encoded certificate string.
+     * @param keyType     : Key type of the certificate.
      * @param alias       : Certificate alias.
      * @return : True if the certificate is added to gateway node successfully. False otherwise.
      */

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java

@@ -18,6 +18,8 @@
 
 package org.wso2.carbon.apimgt.impl.importexport;
 
+import org.wso2.carbon.apimgt.impl.APIConstants;
+
 import java.io.File;
 import java.util.HashMap;
 import java.util.Map;
@@ -287,8 +289,12 @@ public final class ImportExportConstants {
     public static final String CLIENT_CERTIFICATES_DIRECTORY_PATH = File.separator + "Client-certificates";
     public static final String ENDPOINT_CERTIFICATES_META_DATA_FILE_PATH =
             ENDPOINT_CERTIFICATES_DIRECTORY_PATH + File.separator + "endpoint_certificates";
-    public static final String CLIENT_CERTIFICATES_META_DATA_FILE_PATH =
-            CLIENT_CERTIFICATES_DIRECTORY_PATH + File.separator + "client_certificates";
+    public static final String PRODUCTION_CLIENT_CERTIFICATES_META_DATA_FILE_PATH =
+            CLIENT_CERTIFICATES_DIRECTORY_PATH + File.separator + APIConstants.API_KEY_TYPE_PRODUCTION
+                    + File.separator + "client_certificates";
+    public static final String SANDBOX_CLIENT_CERTIFICATES_META_DATA_FILE_PATH =
+            CLIENT_CERTIFICATES_DIRECTORY_PATH + File.separator + APIConstants.API_KEY_TYPE_SANDBOX
+                    + File.separator + "client_certificates";
 
     //Deployment directory related constants
     public static final String DEPLOYMENT_DIRECTORY_NAME= "Deployment";

components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiConstants.java

@@ -303,7 +303,7 @@ public final class RestApiConstants {
     public static final String MIGRATION_MODE = "migrationMode";
 
     public static final String CERTS_BASE_PATH = "/certificates";
-    public static final String CLIENT_CERTS_BASE_PATH = "/clientCertificates/";
+    public static final String CLIENT_CERTS_BASE_PATH = "/clientCertificates/v2/";
     public static final String CERTS_GET_PAGINATED_URL =
             CERTS_BASE_PATH + "?limit=" + LIMIT_PARAM + "&offset=" + OFFSET_PARAM + QUERY_PARAM;
     public static final String CLIENT_CERTS_GET_PAGINATED_URL =

components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml

@@ -4669,7 +4669,7 @@ paths:
           "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates"'
       operationId: addAPIClientCertificate
 
-  /apis/{apiId}/client-certificates/{keyType}:
+  /apis/{apiId}/client-certificates/v2/{keyType}:
     parameters:
       - in: path
         name: keyType
@@ -4951,7 +4951,7 @@ paths:
           source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8"
           "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"'
       operationId: deleteAPIClientCertificateByAlias
-  /apis/{apiId}/client-certificates/{keyType}/{alias}:
+  /apis/{apiId}/client-certificates/v2/{keyType}/{alias}:
     parameters:
       - in: path
         name: keyType
@@ -5160,7 +5160,7 @@ paths:
             "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon/content" > test.crt'
       operationId: getAPIClientCertificateContentByAlias
 
-  /apis/{apiId}/client-certificates/{keyType}/{alias}/content:
+  /apis/{apiId}/client-certificates/v2/{keyType}/{alias}/content:
     get:
       tags:
         - Client Certificates