From 7b532ebb9977b1fdce4b537bc12b75b87072ac11 Mon Sep 17 00:00:00 2001 From: rusirijayodaillesinghe Date: Tue, 2 Jul 2024 17:15:45 +0530 Subject: [PATCH] Modify database queries and resource paths --- .../apimgt/api/gateway/GatewayAPIDTO.java | 34 +++-- .../apimgt/gateway/InMemoryAPIDeployer.java | 33 +++-- .../apimgt/gateway/internal/DataHolder.java | 32 +++-- .../gateway/service/APIGatewayAdmin.java | 22 +++- .../certificatemgt/CertificateManager.java | 1 + .../importexport/ImportExportConstants.java | 10 +- .../rest/api/common/RestApiConstants.java | 2 +- .../src/main/resources/publisher-api.yaml | 6 +- .../v1/common/TemplateBuilderUtil.java | 116 ++++++++++++------ .../v1/common/mappings/APIControllerUtil.java | 91 ++++++++++---- .../v1/common/mappings/ImportUtils.java | 34 +++-- .../apimgt/rest/api/publisher/v1/ApisApi.java | 12 +- .../publisher/v1/impl/ApisApiServiceImpl.java | 4 +- .../src/main/resources/publisher-api.yaml | 6 +- .../rest/api/util/RestApiConstants.java | 2 +- .../multi-dc/OGG/oracle/apimgt/tables.sql | 2 +- .../multi-dc/OGG/oracle/apimgt/tables_23c.sql | 2 +- .../SQLServer/mssql/apimgt/tables.sql | 2 +- .../src/main/resources/sql/db2.sql | 2 +- .../src/main/resources/sql/h2.sql | 2 +- .../src/main/resources/sql/mssql.sql | 2 +- .../src/main/resources/sql/mysql.sql | 2 +- .../src/main/resources/sql/mysql_cluster.sql | 2 +- .../src/main/resources/sql/oracle.sql | 2 +- .../src/main/resources/sql/oracle_23c.sql | 2 +- .../src/main/resources/sql/oracle_rac.sql | 2 +- .../src/main/resources/sql/postgresql.sql | 2 +- .../src/main/resources/sql/h2.sql | 2 +- 28 files changed, 289 insertions(+), 142 deletions(-) diff --git a/components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/gateway/GatewayAPIDTO.java b/components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/gateway/GatewayAPIDTO.java index 64b563665b88..988fab5fad7a 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/gateway/GatewayAPIDTO.java +++ b/components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/gateway/GatewayAPIDTO.java @@ -44,8 +44,10 @@ public class GatewayAPIDTO implements Serializable { private String[] sequencesToBeRemove; private GatewayContentDTO[] localEntriesToBeAdd; private String[] localEntriesToBeRemove; - private GatewayContentDTO[] clientCertificatesToBeAdd; - private String[] clientCertificatesToBeRemove; + private GatewayContentDTO[] productionClientCertificatesToBeAdd; + private GatewayContentDTO[] sandboxClientCertificatesToBeAdd; + private String[] productionClientCertificatesToBeRemove; + private String[] sandboxClientCertificatesToBeRemove; private GatewayContentDTO[] endpointEntriesToBeAdd; private String[] endpointEntriesToBeRemove; private CredentialDto[] credentialsToBeAdd ; @@ -151,24 +153,36 @@ public void setLocalEntriesToBeRemove(String[] localEntriesToBeRemove) { this.localEntriesToBeRemove = localEntriesToBeRemove; } - public GatewayContentDTO[] getClientCertificatesToBeAdd() { + public GatewayContentDTO[] getProductionClientCertificatesToBeAdd() { + return productionClientCertificatesToBeAdd; + } - return clientCertificatesToBeAdd; + public void setProductionClientCertificatesToBeAdd(GatewayContentDTO[] productionClientCertificatesToBeAdd) { + this.productionClientCertificatesToBeAdd = productionClientCertificatesToBeAdd; } - public void setClientCertificatesToBeAdd(GatewayContentDTO[] clientCertificatesToBeAdd) { + public GatewayContentDTO[] getSandboxClientCertificatesToBeAdd() { + return sandboxClientCertificatesToBeAdd; + } - this.clientCertificatesToBeAdd = clientCertificatesToBeAdd; + public void setSandboxClientCertificatesToBeAdd(GatewayContentDTO[] sandboxClientCertificatesToBeAdd) { + this.sandboxClientCertificatesToBeAdd = sandboxClientCertificatesToBeAdd; } - public String[] getClientCertificatesToBeRemove() { + public String[] getProductionClientCertificatesToBeRemove() { + return productionClientCertificatesToBeRemove; + } - return clientCertificatesToBeRemove; + public void setProductionClientCertificatesToBeRemove(String[] productionClientCertificatesToBeRemove) { + this.productionClientCertificatesToBeRemove = productionClientCertificatesToBeRemove; } - public void setClientCertificatesToBeRemove(String[] clientCertificatesToBeRemove) { + public String[] getSandboxClientCertificatesToBeRemove() { + return sandboxClientCertificatesToBeRemove; + } - this.clientCertificatesToBeRemove = clientCertificatesToBeRemove; + public void setSandboxClientCertificatesToBeRemove(String[] sandboxClientCertificatesToBeRemove) { + this.sandboxClientCertificatesToBeRemove = sandboxClientCertificatesToBeRemove; } public GatewayContentDTO[] getEndpointEntriesToBeAdd() { diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java index dbb9d0ecac21..3c05f7ca3b39 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java @@ -355,7 +355,9 @@ private void unDeployAPI(APIGatewayAdmin apiGatewayAdmin, DeployAPIInGatewayEven GatewayUtils .addStringToList(gatewayEvent.getUuid(), gatewayAPIDTO.getLocalEntriesToBeRemove())); apiGatewayAdmin.unDeployAPI(gatewayAPIDTO); - DataHolder.getInstance().getApiToCertificatesMap().remove(gatewayEvent.getUuid()); + DataHolder.getInstance().getApiToProductionCertificatesMap().remove(gatewayEvent.getUuid()); + DataHolder.getInstance().getApiToSandboxCertificatesMap().remove(gatewayEvent.getUuid()); + DataHolder.getInstance().removeKeyManagerToAPIMapping(gatewayAPIDTO.getApiId()); } } @@ -419,13 +421,21 @@ private void addDeployedCertificatesToAPIAssociation(GatewayAPIDTO gatewayAPIDTO if (gatewayAPIDTO != null) { String apiId = gatewayAPIDTO.getApiId(); - List aliasList = new ArrayList<>(); - if (gatewayAPIDTO.getClientCertificatesToBeAdd() != null) { - for (GatewayContentDTO gatewayContentDTO : gatewayAPIDTO.getClientCertificatesToBeAdd()) { - aliasList.add(gatewayContentDTO.getName()); + List productionAliasList = new ArrayList<>(); + if (gatewayAPIDTO.getProductionClientCertificatesToBeAdd() != null) { + for (GatewayContentDTO gatewayContentDTO : gatewayAPIDTO.getProductionClientCertificatesToBeAdd()) { + productionAliasList.add(gatewayContentDTO.getName()); + } + } + DataHolder.getInstance().addApiToProductionAliasList(apiId, productionAliasList); + + List sandboxAliasList = new ArrayList<>(); + if (gatewayAPIDTO.getSandboxClientCertificatesToBeAdd() != null) { + for (GatewayContentDTO gatewayContentDTO : gatewayAPIDTO.getSandboxClientCertificatesToBeAdd()) { + sandboxAliasList.add(gatewayContentDTO.getName()); } } - DataHolder.getInstance().addApiToAliasList(apiId, aliasList); + DataHolder.getInstance().addApiToSandboxAliasList(apiId, sandboxAliasList); } } @@ -450,9 +460,14 @@ private void setClientCertificatesToRemoveIntoGatewayDTO(GatewayAPIDTO gatewayDT if (gatewayDTO != null) { if (StringUtils.isNotEmpty(gatewayDTO.getApiId())) { - List certificateAliasListForAPI = - DataHolder.getInstance().getCertificateAliasListForAPI(gatewayDTO.getApiId()); - gatewayDTO.setClientCertificatesToBeRemove(certificateAliasListForAPI.toArray(new String[0])); + List productionCertificateAliasListForAPI = + DataHolder.getInstance().getProductionCertificateAliasListForAPI(gatewayDTO.getApiId()); + gatewayDTO.setProductionClientCertificatesToBeRemove(productionCertificateAliasListForAPI.toArray(new String[0])); + } + if (StringUtils.isNotEmpty(gatewayDTO.getApiId())) { + List sandboxCertificateAliasListForAPI = + DataHolder.getInstance().getSandboxCertificateAliasListForAPI(gatewayDTO.getApiId()); + gatewayDTO.setSandboxClientCertificatesToBeRemove(sandboxCertificateAliasListForAPI.toArray(new String[0])); } } } diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/internal/DataHolder.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/internal/DataHolder.java index cff90588df0c..3d1dda6d4bba 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/internal/DataHolder.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/internal/DataHolder.java @@ -39,7 +39,8 @@ public class DataHolder { private static final Log log = LogFactory.getLog(DataHolder.class); private static final DataHolder Instance = new DataHolder(); - private Map> apiToCertificatesMap = new HashMap(); + private Map> apiToProductionCertificatesMap = new HashMap(); + private Map> apiToSandboxCertificatesMap = new HashMap(); private Map googleAnalyticsConfigMap = new HashMap<>(); private Map apiToGraphQLSchemaDTOMap = new HashMap<>(); private Map> apiToKeyManagersMap = new HashMap<>(); @@ -51,29 +52,42 @@ private DataHolder() { initializeTenantDeploymentStatusMap(); } - public Map> getApiToCertificatesMap() { + public Map> getApiToProductionCertificatesMap() { + return apiToProductionCertificatesMap; + } - return apiToCertificatesMap; + public void setApiToProductionCertificatesMap(Map> apiToProductionCertificatesMap) { + this.apiToProductionCertificatesMap = apiToProductionCertificatesMap; } - public void setApiToCertificatesMap(Map> apiToCertificatesMap) { + public Map> getApiToSandboxCertificatesMap() { + return apiToSandboxCertificatesMap; + } - this.apiToCertificatesMap = apiToCertificatesMap; + public void setApiToSandboxCertificatesMap(Map> apiToSandboxCertificatesMap) { + this.apiToSandboxCertificatesMap = apiToSandboxCertificatesMap; } public static DataHolder getInstance() { return Instance; } + public void addApiToProductionAliasList(String apiId, List aliasList) { - public void addApiToAliasList(String apiId, List aliasList) { + apiToProductionCertificatesMap.put(apiId, aliasList); + } + public void addApiToSandboxAliasList(String apiId, List aliasList) { - apiToCertificatesMap.put(apiId, aliasList); + apiToSandboxCertificatesMap.put(apiId, aliasList); } - public List getCertificateAliasListForAPI(String apiId) { + public List getProductionCertificateAliasListForAPI(String apiId) { + + return apiToProductionCertificatesMap.getOrDefault(apiId, Collections.emptyList()); + } + public List getSandboxCertificateAliasListForAPI(String apiId) { - return apiToCertificatesMap.getOrDefault(apiId, Collections.emptyList()); + return apiToSandboxCertificatesMap.getOrDefault(apiId, Collections.emptyList()); } public void addGoogleAnalyticsConfig(String tenantDomain, String config) { diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/service/APIGatewayAdmin.java b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/service/APIGatewayAdmin.java index e9c66c45601b..750581027aa4 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/service/APIGatewayAdmin.java +++ b/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/service/APIGatewayAdmin.java @@ -708,9 +708,16 @@ public boolean deployAPI(GatewayAPIDTO gatewayAPIDTO) throws AxisFault { } // Add Client Certificates - if (gatewayAPIDTO.getClientCertificatesToBeAdd() != null) { + if (gatewayAPIDTO.getProductionClientCertificatesToBeAdd() != null) { synchronized (certificateManager) { - for (GatewayContentDTO certificate : gatewayAPIDTO.getClientCertificatesToBeAdd()) { + for (GatewayContentDTO certificate : gatewayAPIDTO.getProductionClientCertificatesToBeAdd()) { + certificateManager.addClientCertificateToGateway(certificate.getContent(), certificate.getName()); + } + } + } + if (gatewayAPIDTO.getSandboxClientCertificatesToBeAdd() != null) { + synchronized (certificateManager) { + for (GatewayContentDTO certificate : gatewayAPIDTO.getSandboxClientCertificatesToBeAdd()) { certificateManager.addClientCertificateToGateway(certificate.getContent(), certificate.getName()); } } @@ -852,9 +859,16 @@ private void unDeployAPI(SequenceAdminServiceProxy sequenceAdminServiceProxy, } // Remove clientCertificates - if (gatewayAPIDTO.getClientCertificatesToBeRemove() != null) { + if (gatewayAPIDTO.getProductionClientCertificatesToBeRemove() != null) { + synchronized (certificateManager) { + for (String alias : gatewayAPIDTO.getProductionClientCertificatesToBeRemove()) { + certificateManager.deleteClientCertificateFromGateway(alias); + } + } + } + if (gatewayAPIDTO.getSandboxClientCertificatesToBeRemove() != null) { synchronized (certificateManager) { - for (String alias : gatewayAPIDTO.getClientCertificatesToBeRemove()) { + for (String alias : gatewayAPIDTO.getSandboxClientCertificatesToBeRemove()) { certificateManager.deleteClientCertificateFromGateway(alias); } } diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/certificatemgt/CertificateManager.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/certificatemgt/CertificateManager.java index b8ebbe6f0982..7d8f1af45dc9 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/certificatemgt/CertificateManager.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/certificatemgt/CertificateManager.java @@ -203,6 +203,7 @@ ResponseCode deleteClientCertificateFromParentNode(Identifier apiIdentifier, Str * Method to add client certificate to gateway nodes. * * @param certificate : The Base64 encoded certificate string. + * @param keyType : Key type of the certificate. * @param alias : Certificate alias. * @return : True if the certificate is added to gateway node successfully. False otherwise. */ diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java index 778b058c2424..0beb53f2baa5 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/importexport/ImportExportConstants.java @@ -18,6 +18,8 @@ package org.wso2.carbon.apimgt.impl.importexport; +import org.wso2.carbon.apimgt.impl.APIConstants; + import java.io.File; import java.util.HashMap; import java.util.Map; @@ -287,8 +289,12 @@ public final class ImportExportConstants { public static final String CLIENT_CERTIFICATES_DIRECTORY_PATH = File.separator + "Client-certificates"; public static final String ENDPOINT_CERTIFICATES_META_DATA_FILE_PATH = ENDPOINT_CERTIFICATES_DIRECTORY_PATH + File.separator + "endpoint_certificates"; - public static final String CLIENT_CERTIFICATES_META_DATA_FILE_PATH = - CLIENT_CERTIFICATES_DIRECTORY_PATH + File.separator + "client_certificates"; + public static final String PRODUCTION_CLIENT_CERTIFICATES_META_DATA_FILE_PATH = + CLIENT_CERTIFICATES_DIRECTORY_PATH + File.separator + APIConstants.API_KEY_TYPE_PRODUCTION + + File.separator + "client_certificates"; + public static final String SANDBOX_CLIENT_CERTIFICATES_META_DATA_FILE_PATH = + CLIENT_CERTIFICATES_DIRECTORY_PATH + File.separator + APIConstants.API_KEY_TYPE_SANDBOX + + File.separator + "client_certificates"; //Deployment directory related constants public static final String DEPLOYMENT_DIRECTORY_NAME= "Deployment"; diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiConstants.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiConstants.java index 2d39e73d6200..b9ee6a70056d 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiConstants.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/java/org/wso2/carbon/apimgt/rest/api/common/RestApiConstants.java @@ -303,7 +303,7 @@ public final class RestApiConstants { public static final String MIGRATION_MODE = "migrationMode"; public static final String CERTS_BASE_PATH = "/certificates"; - public static final String CLIENT_CERTS_BASE_PATH = "/clientCertificates/"; + public static final String CLIENT_CERTS_BASE_PATH = "/clientCertificates/v2/"; public static final String CERTS_GET_PAGINATED_URL = CERTS_BASE_PATH + "?limit=" + LIMIT_PARAM + "&offset=" + OFFSET_PARAM + QUERY_PARAM; public static final String CLIENT_CERTS_GET_PAGINATED_URL = diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml index 2cd878390958..1f4536a16f6a 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml @@ -4669,7 +4669,7 @@ paths: "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates"' operationId: addAPIClientCertificate - /apis/{apiId}/client-certificates/{keyType}: + /apis/{apiId}/client-certificates/v2/{keyType}: parameters: - in: path name: keyType @@ -4951,7 +4951,7 @@ paths: source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' operationId: deleteAPIClientCertificateByAlias - /apis/{apiId}/client-certificates/{keyType}/{alias}: + /apis/{apiId}/client-certificates/v2/{keyType}/{alias}: parameters: - in: path name: keyType @@ -5160,7 +5160,7 @@ paths: "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon/content" > test.crt' operationId: getAPIClientCertificateContentByAlias - /apis/{apiId}/client-certificates/{keyType}/{alias}/content: + /apis/{apiId}/client-certificates/v2/{keyType}/{alias}/content: get: tags: - Client Certificates diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/TemplateBuilderUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/TemplateBuilderUtil.java index ca7e89fe370f..630a1e0947c3 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/TemplateBuilderUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/TemplateBuilderUtil.java @@ -90,7 +90,8 @@ public class TemplateBuilderUtil { private static final Log log = LogFactory.getLog(TemplateBuilderUtil.class); public static APITemplateBuilderImpl getAPITemplateBuilder(API api, String tenantDomain, - List clientCertificateDTOS, + List clientCertificateDTOSProduction, + List clientCertificateDTOSSandbox, List soapToRestInMediationDtos, List soapToRestMediationDtos) throws APIManagementException { @@ -179,17 +180,26 @@ public static APITemplateBuilderImpl getAPITemplateBuilder(API api, String tenan } vtb.addHandler("org.wso2.carbon.apimgt.gateway.handlers.common.APIStatusHandler", Collections.emptyMap()); } - Map clientCertificateObject = null; + Map clientCertificateObject = new HashMap<>(); CertificateMgtUtils certificateMgtUtils = CertificateMgtUtils.getInstance(); - if (clientCertificateDTOS != null) { - clientCertificateObject = new HashMap<>(); - for (ClientCertificateDTO clientCertificateDTO : clientCertificateDTOS) { + if (clientCertificateDTOSProduction != null) { + for (ClientCertificateDTO clientCertificateDTO : clientCertificateDTOSProduction) { /* appending the values without using a data structure to store them separately to avoid conflicts when reading from certificatesDetails string at MutualSSLAuthenticator */ clientCertificateObject.put(certificateMgtUtils .getUniqueIdentifierOfCertificate(clientCertificateDTO.getCertificate()), clientCertificateDTO.getTierName().concat(APIConstants.DELEM_COLON) - .concat(clientCertificateDTO.getKeyType())); + .concat(APIConstants.API_KEY_TYPE_PRODUCTION)); + } + } + if (clientCertificateDTOSSandbox != null) { + for (ClientCertificateDTO clientCertificateDTO : clientCertificateDTOSSandbox) { + /* appending the values without using a data structure to store them separately to avoid conflicts + when reading from certificatesDetails string at MutualSSLAuthenticator */ + clientCertificateObject.put(certificateMgtUtils + .getUniqueIdentifierOfCertificate(clientCertificateDTO.getCertificate()), + clientCertificateDTO.getTierName().concat(APIConstants.DELEM_COLON) + .concat(APIConstants.API_KEY_TYPE_SANDBOX)); } } @@ -204,7 +214,7 @@ public static APITemplateBuilderImpl getAPITemplateBuilder(API api, String tenan String apiLevelPolicy = api.getApiLevelPolicy(); authProperties.put(APIConstants.API_SECURITY, apiSecurity); authProperties.put(APIConstants.API_LEVEL_POLICY, apiLevelPolicy); - if (clientCertificateObject != null) { + if (!clientCertificateObject.isEmpty()) { authProperties.put(APIConstants.CERTIFICATE_INFORMATION, clientCertificateObject.toString()); } //Get RemoveHeaderFromOutMessage from tenant registry or api-manager.xml @@ -282,8 +292,8 @@ public static APITemplateBuilderImpl getAPITemplateBuilder(API api, String tenan } public static APITemplateBuilderImpl getAPITemplateBuilder(APIProduct apiProduct, String tenantDomain, - List clientCertificateDTOS, - Map associatedAPIMap) + List clientCertificateDTOSProduction, + List clientCertificateDTOSSandbox, Map associatedAPIMap) throws APIManagementException { int tenantId = APIUtil.getTenantIdFromTenantDomain(tenantDomain); @@ -367,18 +377,26 @@ public static APITemplateBuilderImpl getAPITemplateBuilder(APIProduct apiProduct } vtb.addHandler("org.wso2.carbon.apimgt.gateway.handlers.common.APIStatusHandler", Collections.emptyMap()); - Map clientCertificateObject = null; + Map clientCertificateObject = new HashMap<>(); CertificateMgtUtils certificateMgtUtils = CertificateMgtUtils.getInstance(); - if (clientCertificateDTOS != null) { - clientCertificateObject = new HashMap<>(); - for (ClientCertificateDTO clientCertificateDTO : clientCertificateDTOS) { + if (clientCertificateDTOSProduction != null) { + for (ClientCertificateDTO clientCertificateDTO : clientCertificateDTOSProduction) { /* appending the values without using a data structure to store them separately to avoid conflicts when reading from certificatesDetails string at MutualSSLAuthenticator */ clientCertificateObject.put(certificateMgtUtils. getUniqueIdentifierOfCertificate(clientCertificateDTO.getCertificate()), clientCertificateDTO.getTierName().concat(APIConstants.DELEM_COLON) - .concat(clientCertificateDTO.getKeyType())); - + .concat(APIConstants.API_KEY_TYPE_PRODUCTION)); + } + } + if (clientCertificateDTOSSandbox != null) { + for (ClientCertificateDTO clientCertificateDTO : clientCertificateDTOSSandbox) { + /* appending the values without using a data structure to store them separately to avoid conflicts + when reading from certificatesDetails string at MutualSSLAuthenticator */ + clientCertificateObject.put(certificateMgtUtils. + getUniqueIdentifierOfCertificate(clientCertificateDTO.getCertificate()), + clientCertificateDTO.getTierName().concat(APIConstants.DELEM_COLON) + .concat(APIConstants.API_KEY_TYPE_SANDBOX)); } } @@ -393,7 +411,7 @@ public static APITemplateBuilderImpl getAPITemplateBuilder(APIProduct apiProduct String apiLevelPolicy = apiProduct.getProductLevelPolicy(); authProperties.put(APIConstants.API_SECURITY, apiSecurity); authProperties.put(APIConstants.API_LEVEL_POLICY, apiLevelPolicy); - if (clientCertificateObject != null) { + if (!clientCertificateObject.isEmpty()) { authProperties.put(APIConstants.CERTIFICATE_INFORMATION, clientCertificateObject.toString()); } @@ -460,8 +478,10 @@ public static GatewayAPIDTO retrieveGatewayAPIDto(API api, Environment environme APIDTO apidto, String extractedFolderPath) throws APIManagementException, XMLStreamException, APITemplateException { - List clientCertificatesDTOList = - ImportUtils.retrieveClientCertificates(extractedFolderPath); + List clientCertificatesDTOListProduction = + ImportUtils.retrieveClientCertificates(extractedFolderPath, APIConstants.API_KEY_TYPE_PRODUCTION); + List clientCertificatesDTOListSandbox = + ImportUtils.retrieveClientCertificates(extractedFolderPath, APIConstants.API_KEY_TYPE_SANDBOX); List soapToRestInMediationDtoList = ImportUtils.retrieveSoapToRestFlowMediations(extractedFolderPath, ImportUtils.IN); List soapToRestOutMediationDtoList = @@ -472,10 +492,10 @@ public static GatewayAPIDTO retrieveGatewayAPIDto(API api, Environment environme JSONObject modifiedProperties = getModifiedProperties(originalProperties); api.setAdditionalProperties(modifiedProperties); APITemplateBuilder apiTemplateBuilder = TemplateBuilderUtil - .getAPITemplateBuilder(api, tenantDomain, clientCertificatesDTOList, soapToRestInMediationDtoList, - soapToRestOutMediationDtoList); + .getAPITemplateBuilder(api, tenantDomain, clientCertificatesDTOListProduction, + clientCertificatesDTOListSandbox, soapToRestInMediationDtoList, soapToRestOutMediationDtoList); GatewayAPIDTO gatewaAPIDto = createAPIGatewayDTOtoPublishAPI(environment, api, apiTemplateBuilder, tenantDomain, - extractedFolderPath, apidto, clientCertificatesDTOList); + extractedFolderPath, apidto, clientCertificatesDTOListProduction, clientCertificatesDTOListSandbox); // Reset the additional properties to the original values if (originalProperties != null) { api.setAdditionalProperties(originalProperties); @@ -523,8 +543,10 @@ public static GatewayAPIDTO retrieveGatewayAPIDto(APIProduct apiProduct, Environ String tenantDomain, String extractedFolderPath) throws APIManagementException, XMLStreamException, APITemplateException { - List clientCertificatesDTOList = - ImportUtils.retrieveClientCertificates(extractedFolderPath); + List clientCertificatesDTOListProduction = + ImportUtils.retrieveClientCertificates(extractedFolderPath, APIConstants.API_KEY_TYPE_PRODUCTION); + List clientCertificatesDTOListSandbox = + ImportUtils.retrieveClientCertificates(extractedFolderPath, APIConstants.API_KEY_TYPE_SANDBOX); Map apidtoMap = retrieveAssociatedApis(extractedFolderPath); Map associatedAPIsMap = convertAPIIdToDto(apidtoMap.values()); for (APIProductResource productResource : apiProduct.getProductResources()) { @@ -562,16 +584,16 @@ public static GatewayAPIDTO retrieveGatewayAPIDto(APIProduct apiProduct, Environ } APITemplateBuilder apiTemplateBuilder = - TemplateBuilderUtil.getAPITemplateBuilder(apiProduct, tenantDomain, clientCertificatesDTOList, - convertAPIIdToDto(associatedAPIsMap.values())); + TemplateBuilderUtil.getAPITemplateBuilder(apiProduct, tenantDomain, clientCertificatesDTOListProduction, + clientCertificatesDTOListSandbox, convertAPIIdToDto(associatedAPIsMap.values())); return createAPIGatewayDTOtoPublishAPI(environment, apiProduct, apiTemplateBuilder, tenantDomain, - apidtoMap, clientCertificatesDTOList); + apidtoMap, clientCertificatesDTOListProduction, clientCertificatesDTOListSandbox); } private static GatewayAPIDTO createAPIGatewayDTOtoPublishAPI(Environment environment, APIProduct apiProduct, - APITemplateBuilder builder, String tenantDomain, - Map associatedAPIsMap, - List clientCertificatesDTOList) + APITemplateBuilder builder, String tenantDomain, Map associatedAPIsMap, + List clientCertificatesDTOListProduction, + List clientCertificatesDTOListSandbox) throws APITemplateException, XMLStreamException, APIManagementException { APIProductIdentifier id = apiProduct.getId(); @@ -594,7 +616,8 @@ private static GatewayAPIDTO createAPIGatewayDTOtoPublishAPI(Environment environ + ""); productAPIDto.setLocalEntriesToBeAdd(addGatewayContentToList(productLocalEntry, productAPIDto.getLocalEntriesToBeAdd())); - setClientCertificatesToBeAdded(tenantDomain, productAPIDto, clientCertificatesDTOList); + setClientCertificatesToBeAdded(tenantDomain, productAPIDto, clientCertificatesDTOListProduction, + clientCertificatesDTOListSandbox); for (Map.Entry apidtoEntry : associatedAPIsMap.entrySet()) { String apiExtractedPath = apidtoEntry.getKey(); APIDTO apidto = apidtoEntry.getValue(); @@ -653,7 +676,8 @@ private static void setCustomSequencesToBeAdded(APIProduct apiProduct, API api, private static GatewayAPIDTO createAPIGatewayDTOtoPublishAPI(Environment environment, API api, APITemplateBuilder builder, String tenantDomain, String extractedPath, APIDTO apidto, - List clientCertificatesDTOList) + List productionClientCertificatesDTOList, + List sandboxClientCertificatesDTOList) throws APIManagementException, APITemplateException, XMLStreamException { GatewayAPIDTO gatewayAPIDTO = new GatewayAPIDTO(); @@ -754,7 +778,8 @@ private static GatewayAPIDTO createAPIGatewayDTOtoPublishAPI(Environment environ GatewayUtils.setCustomSequencesToBeRemoved(api, gatewayAPIDTO); setAPIFaultSequencesToBeAdded(api, gatewayAPIDTO, extractedPath, apidto); setCustomSequencesToBeAdded(api, gatewayAPIDTO, extractedPath, apidto); - setClientCertificatesToBeAdded(tenantDomain, gatewayAPIDTO, clientCertificatesDTOList); + setClientCertificatesToBeAdded(tenantDomain, gatewayAPIDTO, productionClientCertificatesDTOList, + sandboxClientCertificatesDTOList); boolean isWsApi = APIConstants.APITransportType.WS.toString().equals(api.getType()); if (isWsApi) { @@ -904,20 +929,33 @@ private static void setAPIFaultSequencesToBeAdded(API api, GatewayAPIDTO gateway * To deploy client certificate in given API environment. * * @param tenantDomain Tenant domain. - * @param clientCertificatesDTOList + * @param productionClientCertificatesDTOList + * @param sandboxClientCertificatesDTOList */ private static void setClientCertificatesToBeAdded(String tenantDomain, GatewayAPIDTO gatewayAPIDTO, - List clientCertificatesDTOList) { + List productionClientCertificatesDTOList, + List sandboxClientCertificatesDTOList) { int tenantId = APIUtil.getTenantIdFromTenantDomain(tenantDomain); - if (clientCertificatesDTOList != null) { - for (ClientCertificateDTO clientCertificateDTO : clientCertificatesDTOList) { + if (productionClientCertificatesDTOList != null) { + for (ClientCertificateDTO clientCertificateDTO : productionClientCertificatesDTOList) { + GatewayContentDTO clientCertificate = new GatewayContentDTO(); + clientCertificate.setName(APIConstants.API_KEY_TYPE_PRODUCTION + "_" + clientCertificateDTO.getAlias() + + "_" + tenantId); + clientCertificate.setContent(clientCertificateDTO.getCertificate()); + gatewayAPIDTO.setProductionClientCertificatesToBeAdd(addGatewayContentToList(clientCertificate, + gatewayAPIDTO.getProductionClientCertificatesToBeAdd())); + } + } + if (sandboxClientCertificatesDTOList != null) { + for (ClientCertificateDTO clientCertificateDTO : sandboxClientCertificatesDTOList) { GatewayContentDTO clientCertificate = new GatewayContentDTO(); - clientCertificate.setName(clientCertificateDTO.getAlias() + "_" + tenantId); + clientCertificate.setName(APIConstants.API_KEY_TYPE_SANDBOX + "_" + clientCertificateDTO.getAlias() + + "_" + tenantId); clientCertificate.setContent(clientCertificateDTO.getCertificate()); - gatewayAPIDTO.setClientCertificatesToBeAdd(addGatewayContentToList(clientCertificate, - gatewayAPIDTO.getClientCertificatesToBeAdd())); + gatewayAPIDTO.setSandboxClientCertificatesToBeAdd(addGatewayContentToList(clientCertificate, + gatewayAPIDTO.getSandboxClientCertificatesToBeAdd())); } } } diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/APIControllerUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/APIControllerUtil.java index 0b20f1bd49dc..94a06c4c2d40 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/APIControllerUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/APIControllerUtil.java @@ -983,7 +983,8 @@ private static void handleClientCertificates(JsonArray certificates, Identifier APIIdentifier apiIdentifier = new APIIdentifier(identifier.getProviderName(), identifier.getName(), identifier.getVersion()); - List certs = new ArrayList<>(); + List productionCerts = new ArrayList<>(); + List sandboxCerts = new ArrayList<>(); for (JsonElement certificate : certificates) { JsonObject certObject = certificate.getAsJsonObject(); @@ -991,52 +992,88 @@ private static void handleClientCertificates(JsonArray certificates, Identifier ClientCertificateDTO cert = new ClientCertificateDTO(); cert.setApiIdentifier(apiIdentifier); cert.setAlias(alias); - cert.setKeyType(certObject.get(ImportExportConstants.KEY_TYPE_JSON_KEY).getAsString()); cert.setTierName(certObject.get(ImportExportConstants.CERTIFICATE_TIER_NAME_PROPERTY).getAsString()); String certName = certObject.get(ImportExportConstants.CERTIFICATE_PATH_PROPERTY).getAsString(); cert.setCertificate(certName); - certs.add(cert); - //check and create a directory - String clientCertificatesDirectory = - pathToArchive + ImportExportConstants.CLIENT_CERTIFICATES_DIRECTORY_PATH; - if (!CommonUtil.checkFileExistence(clientCertificatesDirectory)) { - try { - CommonUtil.createDirectory(clientCertificatesDirectory); - } catch (APIImportExportException e) { - throw new APIManagementException(e); + String clientCertificatesDirectory; + String userCertificatesTempDirectoryPath = pathToArchive + ImportExportConstants.DEPLOYMENT_DIRECTORY + + ImportExportConstants.CERTIFICATE_DIRECTORY + File.separator; + String userCertificatesTempDirectory; + + if (certObject.get(ImportExportConstants.KEY_TYPE_JSON_KEY).getAsString(). + equalsIgnoreCase(APIConstants.API_KEY_TYPE_SANDBOX)) { + + sandboxCerts.add(cert); + clientCertificatesDirectory = pathToArchive + ImportExportConstants.CLIENT_CERTIFICATES_DIRECTORY_PATH + + File.separator + APIConstants.API_KEY_TYPE_SANDBOX; + if (!CommonUtil.checkFileExistence(clientCertificatesDirectory)) { + try { + CommonUtil.createDirectory(clientCertificatesDirectory); + } catch (APIImportExportException e) { + throw new APIManagementException(e); + } + } + + //copy certs file from certificates + userCertificatesTempDirectory = userCertificatesTempDirectoryPath + APIConstants.API_KEY_TYPE_SANDBOX; + + } else { + productionCerts.add(cert); + clientCertificatesDirectory = pathToArchive + ImportExportConstants.CLIENT_CERTIFICATES_DIRECTORY_PATH + + File.separator + APIConstants.API_KEY_TYPE_PRODUCTION; + if (!CommonUtil.checkFileExistence(clientCertificatesDirectory)) { + try { + CommonUtil.createDirectory(clientCertificatesDirectory); + } catch (APIImportExportException e) { + throw new APIManagementException(e); + } } + //copy certs file from certificates + userCertificatesTempDirectory = userCertificatesTempDirectoryPath + APIConstants.API_KEY_TYPE_PRODUCTION; } - //copy certs file from certificates - String userCertificatesTempDirectory = pathToArchive + ImportExportConstants.DEPLOYMENT_DIRECTORY - + ImportExportConstants.CERTIFICATE_DIRECTORY; + String sourcePath = userCertificatesTempDirectory + File.separator + certName; String destinationPath = clientCertificatesDirectory + File.separator + certName; if (Files.notExists(Paths.get(sourcePath))) { String errorMessage = - "The mentioned certificate file " + certName + " is not in the certificates directory"; + "The mentioned certificate file " + certName + "of" + certObject.get(ImportExportConstants + .KEY_TYPE_JSON_KEY).getAsString() + " key type is not in the " + "certificates directory"; throw new APIManagementException(errorMessage, ExceptionCodes.ERROR_READING_PARAMS_FILE); } CommonUtil.moveFile(sourcePath, destinationPath); } + JsonElement productionJsonElement = new Gson().toJsonTree(productionCerts); + JsonElement sandboxJsonElement = new Gson().toJsonTree(sandboxCerts); - JsonElement jsonElement = new Gson().toJsonTree(certs); + String metadataFilePath; //generate meta-data yaml file - String metadataFilePath = pathToArchive + ImportExportConstants.CLIENT_CERTIFICATES_META_DATA_FILE_PATH; + metadataFilePath = pathToArchive + ImportExportConstants.PRODUCTION_CLIENT_CERTIFICATES_META_DATA_FILE_PATH; try { - if (CommonUtil.checkFileExistence(metadataFilePath + ImportExportConstants.YAML_EXTENSION)) { - File oldFile = new File(metadataFilePath + ImportExportConstants.YAML_EXTENSION); - oldFile.delete(); - } - if (CommonUtil.checkFileExistence(metadataFilePath + ImportExportConstants.JSON_EXTENSION)) { - File oldFile = new File(metadataFilePath + ImportExportConstants.JSON_EXTENSION); - oldFile.delete(); - } - CommonUtil.writeDtoToFile(metadataFilePath, ExportFormat.JSON, - ImportExportConstants.TYPE_CLIENT_CERTIFICATES, jsonElement); + verifyExistenceOfClientCertAndWriteToMetadataFile(metadataFilePath, productionJsonElement); } catch (APIImportExportException e) { throw new APIManagementException(e); } + metadataFilePath = pathToArchive + ImportExportConstants.SANDBOX_CLIENT_CERTIFICATES_META_DATA_FILE_PATH; + try { + verifyExistenceOfClientCertAndWriteToMetadataFile(metadataFilePath, sandboxJsonElement); + } catch (APIImportExportException e) { + throw new APIManagementException(e); + } + } + + private static void verifyExistenceOfClientCertAndWriteToMetadataFile(String metadataFilePath, JsonElement jsonElement) + throws APIImportExportException, IOException { + if (CommonUtil.checkFileExistence(metadataFilePath + ImportExportConstants.YAML_EXTENSION)) { + File oldFile = new File(metadataFilePath + ImportExportConstants.YAML_EXTENSION); + oldFile.delete(); + } + if (CommonUtil.checkFileExistence(metadataFilePath + ImportExportConstants.JSON_EXTENSION)) { + File oldFile = new File(metadataFilePath + ImportExportConstants.JSON_EXTENSION); + oldFile.delete(); + } + CommonUtil.writeDtoToFile(metadataFilePath, ExportFormat.JSON, + ImportExportConstants.TYPE_CLIENT_CERTIFICATES, jsonElement); } /** diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/ImportUtils.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/ImportUtils.java index 1ce4951b47f6..8034137f6bc3 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/ImportUtils.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/ImportUtils.java @@ -415,8 +415,10 @@ public static ImportedAPIDTO importApi(String extractedFolderPath, APIDTO import if (log.isDebugEnabled()) { log.debug("Mutual SSL enabled. Importing client certificates."); } - addClientCertificates(extractedFolderPath, apiProvider, new ApiTypeWrapper(importedApi), organization, - overwrite, tenantId); + addClientCertificates(extractedFolderPath, apiProvider, new ApiTypeWrapper(importedApi), + APIConstants.API_KEY_TYPE_PRODUCTION, organization, overwrite, tenantId); + addClientCertificates(extractedFolderPath, apiProvider, new ApiTypeWrapper(importedApi), + APIConstants.API_KEY_TYPE_SANDBOX, organization, overwrite, tenantId); } // Change API lifecycle if state transition is required @@ -2249,24 +2251,24 @@ private static void updateAPIWithCertificate(JsonElement certificate, APIProvide * * @param pathToArchive Location of the extracted folder of the API * @param apiProvider API Provider + * @param keyType Key type of the certificate * @param organization Identifier of the organization * @throws APIImportExportException */ private static void addClientCertificates(String pathToArchive, APIProvider apiProvider, - ApiTypeWrapper apiTypeWrapper, String organization, boolean isOverwrite - , int tenantId) - throws APIManagementException { + ApiTypeWrapper apiTypeWrapper, String keyType, String organization, + boolean isOverwrite, int tenantId) throws APIManagementException { try { Identifier apiIdentifier = apiTypeWrapper.getId(); - List certificateMetadataDTOS = retrieveClientCertificates(pathToArchive); + List certificateMetadataDTOS = retrieveClientCertificates(pathToArchive, keyType); for (ClientCertificateDTO certDTO : certificateMetadataDTOS) { if (ResponseCode.ALIAS_EXISTS_IN_TRUST_STORE.getResponseCode() == (apiProvider.addClientCertificate( APIUtil.replaceEmailDomainBack(apiIdentifier.getProviderName()), apiTypeWrapper, - certDTO.getCertificate(), certDTO.getAlias(), certDTO.getTierName(), certDTO.getKeyType(), + certDTO.getCertificate(), certDTO.getAlias(), certDTO.getTierName(), keyType, organization)) && isOverwrite) { apiProvider.updateClientCertificate(certDTO.getCertificate(), certDTO.getAlias(), apiTypeWrapper, - certDTO.getTierName(), certDTO.getKeyType(), tenantId, organization); + certDTO.getTierName(), keyType, tenantId, organization); } } } catch (APIManagementException e) { @@ -2274,12 +2276,16 @@ private static void addClientCertificates(String pathToArchive, APIProvider apiP } } - public static List retrieveClientCertificates(String pathToArchive) + public static List retrieveClientCertificates(String pathToArchive, String keyType) throws APIManagementException { String jsonContent = null; - String pathToClientCertificatesDirectory = - pathToArchive + File.separator + ImportExportConstants.CLIENT_CERTIFICATES_DIRECTORY; + /* + since the certificate file is named by the alias, this also need to store in two separate directories + considering the key type, to support same alias for production and sandbox + */ + String pathToClientCertificatesDirectory = pathToArchive + File.separator + + ImportExportConstants.CLIENT_CERTIFICATES_DIRECTORY + File.separator + keyType; String pathToYamlFile = pathToClientCertificatesDirectory + ImportExportConstants.CLIENT_CERTIFICATE_FILE + ImportExportConstants.YAML_EXTENSION; String pathToJsonFile = pathToClientCertificatesDirectory + ImportExportConstants.CLIENT_CERTIFICATE_FILE @@ -2611,8 +2617,10 @@ public static APIProduct importApiProduct(String extractedFolderPath, Boolean pr log.debug("Mutual SSL enabled. Importing client certificates."); } int tenantId = APIUtil.getTenantId(RestApiCommonUtil.getLoggedInUsername()); - addClientCertificates(extractedFolderPath, apiProvider, apiTypeWrapperWithUpdatedApiProduct, organization, - overwriteAPIProduct, tenantId); + addClientCertificates(extractedFolderPath, apiProvider, apiTypeWrapperWithUpdatedApiProduct, + APIConstants.API_KEY_TYPE_PRODUCTION, organization, overwriteAPIProduct, tenantId); + addClientCertificates(extractedFolderPath, apiProvider, apiTypeWrapperWithUpdatedApiProduct, + APIConstants.API_KEY_TYPE_SANDBOX, organization, overwriteAPIProduct, tenantId); // Change API Product lifecycle if state transition is required if (!lifecycleActions.isEmpty()) { diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApi.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApi.java index 0b7e3574d60c..8af77275eddd 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApi.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/ApisApi.java @@ -100,7 +100,7 @@ public Response addAPIClientCertificate(@ApiParam(value = "**API ID** consisting } @POST - @Path("/{apiId}/client-certificates/{keyType}") + @Path("/{apiId}/client-certificates/v2/{keyType}") @Consumes({ "multipart/form-data" }) @Produces({ "application/json" }) @ApiOperation(value = "Upload a New Certificate of the given key type", notes = "This operation can be used to upload a new certificate for an endpoint of the given type. ", response = ClientCertMetadataDTO.class, authorizations = { @@ -419,7 +419,7 @@ public Response deleteAPIClientCertificateByAlias(@ApiParam(value = "The alias o } @DELETE - @Path("/{apiId}/client-certificates/{keyType}/{alias}") + @Path("/{apiId}/client-certificates/v2/{keyType}/{alias}") @Produces({ "application/json" }) @ApiOperation(value = "Delete a Certificate of a Given Key Type", notes = "This operation can be used to delete an uploaded certificate of a given key type. ", response = Void.class, authorizations = { @@ -699,7 +699,7 @@ public Response getAPIClientCertificateByAlias(@ApiParam(value = "",required=tru } @GET - @Path("/{apiId}/client-certificates/{keyType}/{alias}") + @Path("/{apiId}/client-certificates/v2/{keyType}/{alias}") @Produces({ "application/json" }) @ApiOperation(value = "Get the Certificate Information of a Given Key Type", notes = "This operation can be used to get the information about a certificate of a given key type. ", response = CertificateInfoDTO.class, authorizations = { @@ -741,7 +741,7 @@ public Response getAPIClientCertificateContentByAlias(@ApiParam(value = "**API I } @GET - @Path("/{apiId}/client-certificates/{keyType}/{alias}/content") + @Path("/{apiId}/client-certificates/v2/{keyType}/{alias}/content") @Produces({ "application/json" }) @ApiOperation(value = "Download a Certificate of Given Key Type", notes = "This operation can be used to download a certificate which matches the given alias and key type. ", response = Void.class, authorizations = { @@ -782,7 +782,7 @@ public Response getAPIClientCertificates(@ApiParam(value = "**API ID** consistin } @GET - @Path("/{apiId}/client-certificates/{keyType}") + @Path("/{apiId}/client-certificates/v2/{keyType}") @Produces({ "application/json" }) @ApiOperation(value = "Retrieve/ Search Uploaded Client Certificates of a given key type", notes = "This operation can be used to retrieve and search the uploaded client certificates of a given key type. ", response = ClientCertificatesDTO.class, authorizations = { @@ -1654,7 +1654,7 @@ public Response updateAPIClientCertificateByAlias( @Size(min=1,max=30)@ApiParam( } @PUT - @Path("/{apiId}/client-certificates/{keyType}/{alias}") + @Path("/{apiId}/client-certificates/v2/{keyType}/{alias}") @Consumes({ "multipart/form-data" }) @Produces({ "application/json" }) @ApiOperation(value = "Update a Certificate of a Given Key Type", notes = "This operation can be used to update an uploaded certificate of a given key type. ", response = ClientCertMetadataDTO.class, authorizations = { diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java index e094ad535347..16a836a8c952 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java @@ -1180,8 +1180,8 @@ public Response addAPIClientCertificateOfGivenKeyType(String keyType, String api RestApiUtil.handleInternalServerError( "Internal server error while adding the client certificate to " + "API " + apiId, log); } else if (ResponseCode.ALIAS_EXISTS_IN_TRUST_STORE.getResponseCode() == responseCode) { - RestApiUtil.handleResourceAlreadyExistsError( - "The alias '" + alias + "' already exists in the trust store.", log); + RestApiUtil.handleResourceAlreadyExistsError("The alias '" + alias + + "' already exists in the trust store for " + keyType + " key type.", log); } else if (ResponseCode.CERTIFICATE_EXPIRED.getResponseCode() == responseCode) { RestApiUtil.handleBadRequest( "Error while adding the certificate to the API " + apiId + ". " + "Certificate Expired.", log); diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml index 2cd878390958..1f4536a16f6a 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml @@ -4669,7 +4669,7 @@ paths: "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates"' operationId: addAPIClientCertificate - /apis/{apiId}/client-certificates/{keyType}: + /apis/{apiId}/client-certificates/v2/{keyType}: parameters: - in: path name: keyType @@ -4951,7 +4951,7 @@ paths: source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' operationId: deleteAPIClientCertificateByAlias - /apis/{apiId}/client-certificates/{keyType}/{alias}: + /apis/{apiId}/client-certificates/v2/{keyType}/{alias}: parameters: - in: path name: keyType @@ -5160,7 +5160,7 @@ paths: "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon/content" > test.crt' operationId: getAPIClientCertificateContentByAlias - /apis/{apiId}/client-certificates/{keyType}/{alias}/content: + /apis/{apiId}/client-certificates/v2/{keyType}/{alias}/content: get: tags: - Client Certificates diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/RestApiConstants.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/RestApiConstants.java index c18551ceffab..bcf95830660e 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/RestApiConstants.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/RestApiConstants.java @@ -263,7 +263,7 @@ public final class RestApiConstants { public static final String MIGRATION_MODE = "migrationMode"; public static final String CERTS_BASE_PATH = "/certificates"; - public static final String CLIENT_CERTS_BASE_PATH = "/clientCertificates"; + public static final String CLIENT_CERTS_BASE_PATH = "/clientCertificates/v2"; public static final String CERTS_GET_PAGINATED_URL = CERTS_BASE_PATH + "?limit=" + LIMIT_PARAM + "&offset=" + OFFSET_PARAM + QUERY_PARAM; public static final String CLIENT_CERTS_GET_PAGINATED_URL = diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/OGG/oracle/apimgt/tables.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/OGG/oracle/apimgt/tables.sql index e6bf8b139413..bd76746e5608 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/OGG/oracle/apimgt/tables.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/OGG/oracle/apimgt/tables.sql @@ -1893,7 +1893,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( KEY_TYPE VARCHAR2(20) DEFAULT 'PRODUCTION' NOT NULL, REVISION_UUID VARCHAR2(255) DEFAULT 'Current API' NOT NULL, FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE, - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID) + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID) ) / CREATE TABLE AM_APPLICATION_GROUP_MAPPING ( diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/OGG/oracle/apimgt/tables_23c.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/OGG/oracle/apimgt/tables_23c.sql index fdc06e18fe8e..645b74970270 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/OGG/oracle/apimgt/tables_23c.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/OGG/oracle/apimgt/tables_23c.sql @@ -1893,7 +1893,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( KEY_TYPE VARCHAR2(20) DEFAULT 'PRODUCTION' NOT NULL, REVISION_UUID VARCHAR2(255) DEFAULT 'Current API' NOT NULL, FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE, - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID) + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID) ) / CREATE TABLE AM_APPLICATION_GROUP_MAPPING ( diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/SQLServer/mssql/apimgt/tables.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/SQLServer/mssql/apimgt/tables.sql index d4e3a839ac21..15a7763abbf4 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/SQLServer/mssql/apimgt/tables.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/multi-dc/SQLServer/mssql/apimgt/tables.sql @@ -2228,7 +2228,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( TIER_NAME VARCHAR(512), KEY_TYPE VARCHAR(20) NOT NULL DEFAULT 'PRODUCTION', REVISION_UUID VARCHAR(255) NOT NULL DEFAULT 'Current API', - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID), + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID), FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE ); diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/db2.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/db2.sql index 0d3fe3c4be3f..1a3bf480dbda 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/db2.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/db2.sql @@ -2772,7 +2772,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( KEY_TYPE VARCHAR(20) NOT NULL DEFAULT 'PRODUCTION', REVISION_UUID VARCHAR(255) NOT NULL DEFAULT 'Current API', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE, - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID) + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID) )/ CREATE TABLE AM_APPLICATION_GROUP_MAPPING ( diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/h2.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/h2.sql index 98402e27a516..16a72011705b 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/h2.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/h2.sql @@ -2017,7 +2017,7 @@ CREATE TABLE IF NOT EXISTS AM_API_CLIENT_CERTIFICATE ( KEY_TYPE VARCHAR(20) NOT NULL DEFAULT 'PRODUCTION', REVISION_UUID VARCHAR(255) NOT NULL DEFAULT 'Current API', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (ALIAS,TENANT_ID, REMOVED, REVISION_UUID) + PRIMARY KEY (ALIAS,TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID) ); CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mssql.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mssql.sql index 01f3fa3a7a15..b183ac022fbf 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mssql.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mssql.sql @@ -2239,7 +2239,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( TIER_NAME VARCHAR(512), KEY_TYPE VARCHAR(20) NOT NULL DEFAULT 'PRODUCTION', REVISION_UUID VARCHAR(255) NOT NULL DEFAULT 'Current API', - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID), + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID), FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE ); diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mysql.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mysql.sql index 931dd31cacbf..a4bace7ddf78 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mysql.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mysql.sql @@ -1964,7 +1964,7 @@ CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( `KEY_TYPE` VARCHAR(20) NOT NULL DEFAULT 'PRODUCTION', `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) + PRIMARY KEY (`ALIAS`, `TENANT_ID`, `KEY_TYPE`, `REMOVED`, `REVISION_UUID`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mysql_cluster.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mysql_cluster.sql index fcf364b58b4c..51c0dd21ee7b 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mysql_cluster.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/mysql_cluster.sql @@ -2144,7 +2144,7 @@ CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( `KEY_TYPE` VARCHAR(20) NOT NULL DEFAULT 'PRODUCTION', `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID), - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) + PRIMARY KEY (`ALIAS`, `TENANT_ID`, `KEY_TYPE`, `REMOVED`, `REVISION_UUID`) ) ENGINE=NDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle.sql index 97769e017052..a5591c7086a4 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle.sql @@ -3224,7 +3224,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( KEY_TYPE VARCHAR2(20) DEFAULT 'PRODUCTION' NOT NULL, REVISION_UUID VARCHAR2(255) DEFAULT 'Current API' NOT NULL, FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE, - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID) + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID) ) / diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle_23c.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle_23c.sql index ddf1e38f0d47..5c62db3fc242 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle_23c.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle_23c.sql @@ -3224,7 +3224,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( KEY_TYPE VARCHAR2(20) DEFAULT 'PRODUCTION' NOT NULL, REVISION_UUID VARCHAR2(255) DEFAULT 'Current API' NOT NULL, FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE, - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID) + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID) ) / diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle_rac.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle_rac.sql index 69f0c0829092..441969cf40a2 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle_rac.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/oracle_rac.sql @@ -3198,7 +3198,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( KEY_TYPE VARCHAR2(20) DEFAULT 'PRODUCTION' NOT NULL, REVISION_UUID VARCHAR2(255) DEFAULT 'Current API' NOT NULL, FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE, - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID) + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID) ) / diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/postgresql.sql b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/postgresql.sql index c22b2e025a80..da2e4fb70541 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/postgresql.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/postgresql.sql @@ -2330,7 +2330,7 @@ CREATE TABLE AM_API_CLIENT_CERTIFICATE ( KEY_TYPE VARCHAR(20) NOT NULL DEFAULT 'PRODUCTION', REVISION_UUID VARCHAR(255) NOT NULL DEFAULT 'Current API', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE, - PRIMARY KEY (ALIAS, KEY_TYPE, TENANT_ID, REMOVED, REVISION_UUID) + PRIMARY KEY (ALIAS, TENANT_ID, KEY_TYPE, REMOVED, REVISION_UUID) ); DROP TABLE IF EXISTS AM_APPLICATION_GROUP_MAPPING; diff --git a/features/apimgt/org.wso2.carbon.apimgt.keymanager.feature/src/main/resources/sql/h2.sql b/features/apimgt/org.wso2.carbon.apimgt.keymanager.feature/src/main/resources/sql/h2.sql index ea536e316628..ad6989643e3a 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.keymanager.feature/src/main/resources/sql/h2.sql +++ b/features/apimgt/org.wso2.carbon.apimgt.keymanager.feature/src/main/resources/sql/h2.sql @@ -1703,7 +1703,7 @@ CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( `TIER_NAME` VARCHAR (512), `KEY_TYPE` VARCHAR(20) NOT NULL DEFAULT 'PRODUCTION', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`,`TENANT_ID`, `REMOVED`) + PRIMARY KEY (`ALIAS`,`TENANT_ID`, `KEY_TYPE`, `REMOVED`) ); CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (