From 0d7f96dcb5585599711dd0f9908c9164a9e089fa Mon Sep 17 00:00:00 2001 From: Tharsanan1 Date: Thu, 15 Feb 2024 08:50:29 +0530 Subject: [PATCH] init commit --- .../discovery/api/api_authentication.proto | 15 +- .../internal/oasparser/config_generator.go | 16 +- .../oasparser/model/adapter_internal_api.go | 1 + .../internal/oasparser/model/api_operation.go | 7 +- .../internal/oasparser/model/http_route.go | 28 +- .../discovery/api/api_authentication.pb.go | 161 +++--- .../discovery/service/apkmgt/eventds.pb.go | 278 ++++++++++ .../discovery/subscription/application.pb.go | 218 ++++++++ .../application_key_mapping.pb.go | 234 ++++++++ .../subscription/applicationmapping.pb.go | 203 +++++++ .../wso2/discovery/subscription/event.pb.go | 267 +++++++++ .../discovery/subscription/subscription.pb.go | 276 ++++++++++ .../dp/v1alpha1/authentication_conversion.go | 30 + .../apis/dp/v1alpha2/authentication_types.go | 24 +- .../apis/dp/v1alpha2/zz_generated.deepcopy.go | 37 +- .../bases/dp.wso2.com_authentications.yaml | 80 ++- .../commons/dto/JWTValidationInfo.java | 10 + .../commons/model/AuthenticationConfig.java | 11 + .../model/JWTAuthenticationConfig.java | 18 + .../model/Oauth2AuthenticationConfig.java | 40 ++ .../java/org/wso2/apk/enforcer/api/Utils.java | 55 +- .../discovery/api/APIAuthentication.java | 188 +++---- .../api/APIAuthenticationOrBuilder.java | 16 +- .../discovery/api/APIAuthenticationProto.java | 47 +- .../wso2/apk/enforcer/discovery/api/JWT.java | 195 +++++++ .../enforcer/discovery/api/JWTOrBuilder.java | 25 + .../api/{TestConsoleKey.java => Oauth2.java} | 132 ++--- .../discovery/api/Oauth2OrBuilder.java | 39 ++ .../service/apkmgt/EventServiceProto.java | 8 +- .../ApplicationKeyMappingProto.java | 8 +- .../subscription/ApplicationMappingProto.java | 8 +- .../subscription/ApplicationProto.java | 9 +- .../discovery/subscription/EventProto.java | 8 +- .../subscription/SubscriptionProto.java | 8 +- .../apk/enforcer/security/AuthFilter.java | 19 +- .../jwt/InternalAPIKeyAuthenticator.java | 312 ----------- .../security/jwt/JWTAuthenticator.java | 60 +- .../security/jwt/Oauth2Authenticator.java | 516 ++++++++++++++++++ .../security/jwt/validator/JWTValidator.java | 1 + ...atorTest.java => Oauth2ValidatorTest.java} | 80 +-- .../crds/dp.wso2.com_authentications.yaml | 80 ++- 41 files changed, 2961 insertions(+), 807 deletions(-) create mode 100644 adapter/pkg/discovery/api/wso2/discovery/service/apkmgt/eventds.pb.go create mode 100644 adapter/pkg/discovery/api/wso2/discovery/subscription/application.pb.go create mode 100644 adapter/pkg/discovery/api/wso2/discovery/subscription/application_key_mapping.pb.go create mode 100644 adapter/pkg/discovery/api/wso2/discovery/subscription/applicationmapping.pb.go create mode 100644 adapter/pkg/discovery/api/wso2/discovery/subscription/event.pb.go create mode 100644 adapter/pkg/discovery/api/wso2/discovery/subscription/subscription.pb.go create mode 100644 gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/Oauth2AuthenticationConfig.java rename gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/{TestConsoleKey.java => Oauth2.java} (78%) create mode 100644 gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Oauth2OrBuilder.java delete mode 100644 gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/InternalAPIKeyAuthenticator.java create mode 100644 gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/Oauth2Authenticator.java rename gateway/enforcer/org.wso2.apk.enforcer/src/test/java/org/wso2/apk/enforcer/jwt/{JWTValidatorTest.java => Oauth2ValidatorTest.java} (92%) diff --git a/adapter/api/proto/wso2/discovery/api/api_authentication.proto b/adapter/api/proto/wso2/discovery/api/api_authentication.proto index efbff0caf2..59f0a970c5 100644 --- a/adapter/api/proto/wso2/discovery/api/api_authentication.proto +++ b/adapter/api/proto/wso2/discovery/api/api_authentication.proto @@ -35,16 +35,17 @@ message APIKey { message JWT { string header = 1; // name of the header containing the JWT bool sendTokenToUpstream = 2; // send the token to upstream + repeated string audience = 3; +} + +message Oauth2 { + string header = 1; // name of the header containing the JWT + bool sendTokenToUpstream = 2; // send the token to upstream } message APIAuthentication { bool disabled = 1; // disable authentication JWT jwt = 2; repeated APIKey apikey = 3; - TestConsoleKey testConsoleKey = 4; -} - -message TestConsoleKey { - string header = 1; // name of the header containing the test key - bool sendTokenToUpstream = 2; // send the token to upstream -} + Oauth2 Oauth2 = 4; +} \ No newline at end of file diff --git a/adapter/internal/oasparser/config_generator.go b/adapter/internal/oasparser/config_generator.go index b8763c81be..9b13961f79 100644 --- a/adapter/internal/oasparser/config_generator.go +++ b/adapter/internal/oasparser/config_generator.go @@ -273,19 +273,13 @@ func castAPIAuthenticationsToEnforcerAPIAuthentications(authentication *model.Au }) } enforcerAuthentication.Apikey = apiKeys - if authentication.TestConsoleKey != nil { - enforcerAuthentication.TestConsoleKey = &api.TestConsoleKey{ - Header: strings.ToLower(authentication.TestConsoleKey.Header), - SendTokenToUpstream: authentication.TestConsoleKey.SendTokenToUpstream, + if authentication.Oauth2 != nil { + enforcerAuthentication.Oauth2 = &api.Oauth2{ + Header: strings.ToLower(authentication.Oauth2.Header), + SendTokenToUpstream: authentication.Oauth2.SendTokenToUpstream, } } - if authentication.TestConsoleKey != nil { - enforcerAuthentication.TestConsoleKey = &api.TestConsoleKey{ - Header: strings.ToLower(authentication.TestConsoleKey.Header), - SendTokenToUpstream: authentication.TestConsoleKey.SendTokenToUpstream, - } - } - + logger.LoggerOasparser.Infof("authentication: %+v, next: %+v", authentication, enforcerAuthentication) return enforcerAuthentication } diff --git a/adapter/internal/oasparser/model/adapter_internal_api.go b/adapter/internal/oasparser/model/adapter_internal_api.go index 882226d31f..956df25347 100644 --- a/adapter/internal/oasparser/model/adapter_internal_api.go +++ b/adapter/internal/oasparser/model/adapter_internal_api.go @@ -694,6 +694,7 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap loggers.LoggerOasparser.Debugf("Calculating auths for API ..., API_UUID = %v", adapterInternalAPI.UUID) apiAuth := getSecurity(resourceAuthScheme) + loggers.LoggerOasparser.Infof("API auth %+v, api: %+v, resource auth scheme: %+v, rule: %+v", apiAuth, adapterInternalAPI.UUID, resourceAuthScheme, *rule.Matches[0].Path.Value) if len(rule.BackendRefs) < 1 { return fmt.Errorf("no backendref were provided") } diff --git a/adapter/internal/oasparser/model/api_operation.go b/adapter/internal/oasparser/model/api_operation.go index a3d2285445..1aee35a1e2 100644 --- a/adapter/internal/oasparser/model/api_operation.go +++ b/adapter/internal/oasparser/model/api_operation.go @@ -50,17 +50,18 @@ type Authentication struct { Disabled bool JWT *JWT APIKey []APIKey - TestConsoleKey *TestConsoleKey + Oauth2 *Oauth2 } // JWT holds JWT related configurations type JWT struct { Header string SendTokenToUpstream bool + Audience []string } -// TestConsoleKey holds testkey related configurations -type TestConsoleKey struct { +// Oauth2 holds JWT related configurations +type Oauth2 struct { Header string SendTokenToUpstream bool } diff --git a/adapter/internal/oasparser/model/http_route.go b/adapter/internal/oasparser/model/http_route.go index 11fb078d7e..ad7840dccc 100644 --- a/adapter/internal/oasparser/model/http_route.go +++ b/adapter/internal/oasparser/model/http_route.go @@ -225,6 +225,10 @@ func concatAuthSchemes(schemeUp *dpv1alpha2.Authentication, schemeDown *dpv1alph // make sure authscheme only has external service override values. (i.e. empty default values) // tip: use concatScheme method func getSecurity(authScheme *dpv1alpha2.Authentication) *Authentication { + loggers.LoggerAPK.Infof("Auth: name : %+v", authScheme.ObjectMeta.Name) + if (authScheme.Spec.Override != nil && authScheme.Spec.Override.AuthTypes != nil) { + loggers.LoggerAPK.Infof("Auth: %+v", *(authScheme.Spec.Override.AuthTypes)) + } authHeader := constants.AuthorizationHeader if authScheme != nil && authScheme.Spec.Override != nil && authScheme.Spec.Override.AuthTypes != nil && len(authScheme.Spec.Override.AuthTypes.Oauth2.Header) > 0 { authHeader = authScheme.Spec.Override.AuthTypes.Oauth2.Header @@ -234,19 +238,30 @@ func getSecurity(authScheme *dpv1alpha2.Authentication) *Authentication { sendTokenToUpstream = authScheme.Spec.Override.AuthTypes.Oauth2.SendTokenToUpstream } auth := &Authentication{Disabled: false, - TestConsoleKey: &TestConsoleKey{Header: constants.TestConsoleKeyHeader}, - JWT: &JWT{Header: authHeader, SendTokenToUpstream: sendTokenToUpstream}, + Oauth2: &Oauth2{Header: authHeader, SendTokenToUpstream: sendTokenToUpstream}, } if authScheme != nil && authScheme.Spec.Override != nil { if authScheme.Spec.Override.Disabled != nil && *authScheme.Spec.Override.Disabled { return &Authentication{Disabled: true} } authFound := false - if authScheme.Spec.Override.AuthTypes != nil && authScheme.Spec.Override.AuthTypes.Oauth2.Disabled { - auth = &Authentication{Disabled: false, - TestConsoleKey: &TestConsoleKey{Header: constants.TestConsoleKeyHeader}, - } + if authScheme.Spec.Override.AuthTypes == nil || !authScheme.Spec.Override.AuthTypes.Oauth2.Disabled { + authFound = true } else { + auth = &Authentication{Disabled: false} + } + if authScheme.Spec.Override.AuthTypes == nil || !authScheme.Spec.Override.AuthTypes.JWT.Disabled { + audience := make([]string, 0) + if (len(authScheme.Spec.Override.AuthTypes.JWT.Audience) > 0) { + loggers.LoggerAPK.Infof("Auth: aud exists") + audience = authScheme.Spec.Override.AuthTypes.JWT.Audience + } + jwtHeader := constants.TestConsoleKeyHeader + if (len(authScheme.Spec.Override.AuthTypes.JWT.Header) > 0) { + loggers.LoggerAPK.Infof("Auth: header exists") + jwtHeader = authScheme.Spec.Override.AuthTypes.JWT.Header + } + auth.JWT = &JWT{Header: jwtHeader, SendTokenToUpstream: sendTokenToUpstream, Audience: audience} authFound = true } if authScheme.Spec.Override.AuthTypes != nil && authScheme.Spec.Override.AuthTypes.APIKey != nil { @@ -266,6 +281,7 @@ func getSecurity(authScheme *dpv1alpha2.Authentication) *Authentication { return &Authentication{Disabled: true} } } + loggers.LoggerAPK.Infof("Auth: final auth %+v", *auth) return auth } diff --git a/adapter/pkg/discovery/api/wso2/discovery/api/api_authentication.pb.go b/adapter/pkg/discovery/api/wso2/discovery/api/api_authentication.pb.go index 4f0c0bd78c..be0fb06e13 100644 --- a/adapter/pkg/discovery/api/wso2/discovery/api/api_authentication.pb.go +++ b/adapter/pkg/discovery/api/wso2/discovery/api/api_authentication.pb.go @@ -105,8 +105,9 @@ type JWT struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Header string `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"` // name of the header containing the JWT - SendTokenToUpstream bool `protobuf:"varint,2,opt,name=sendTokenToUpstream,proto3" json:"sendTokenToUpstream,omitempty"` // send the token to upstream + Header string `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"` // name of the header containing the JWT + SendTokenToUpstream bool `protobuf:"varint,2,opt,name=sendTokenToUpstream,proto3" json:"sendTokenToUpstream,omitempty"` // send the token to upstream + Audience []string `protobuf:"bytes,3,rep,name=audience,proto3" json:"audience,omitempty"` } func (x *JWT) Reset() { @@ -155,19 +156,24 @@ func (x *JWT) GetSendTokenToUpstream() bool { return false } -type APIAuthentication struct { +func (x *JWT) GetAudience() []string { + if x != nil { + return x.Audience + } + return nil +} + +type Oauth2 struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"` // disable authentication - Jwt *JWT `protobuf:"bytes,2,opt,name=jwt,proto3" json:"jwt,omitempty"` - Apikey []*APIKey `protobuf:"bytes,3,rep,name=apikey,proto3" json:"apikey,omitempty"` - TestConsoleKey *TestConsoleKey `protobuf:"bytes,4,opt,name=testConsoleKey,proto3" json:"testConsoleKey,omitempty"` + Header string `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"` // name of the header containing the JWT + SendTokenToUpstream bool `protobuf:"varint,2,opt,name=sendTokenToUpstream,proto3" json:"sendTokenToUpstream,omitempty"` // send the token to upstream } -func (x *APIAuthentication) Reset() { - *x = APIAuthentication{} +func (x *Oauth2) Reset() { + *x = Oauth2{} if protoimpl.UnsafeEnabled { mi := &file_wso2_discovery_api_api_authentication_proto_msgTypes[2] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -175,13 +181,13 @@ func (x *APIAuthentication) Reset() { } } -func (x *APIAuthentication) String() string { +func (x *Oauth2) String() string { return protoimpl.X.MessageStringOf(x) } -func (*APIAuthentication) ProtoMessage() {} +func (*Oauth2) ProtoMessage() {} -func (x *APIAuthentication) ProtoReflect() protoreflect.Message { +func (x *Oauth2) ProtoReflect() protoreflect.Message { mi := &file_wso2_discovery_api_api_authentication_proto_msgTypes[2] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -193,50 +199,38 @@ func (x *APIAuthentication) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use APIAuthentication.ProtoReflect.Descriptor instead. -func (*APIAuthentication) Descriptor() ([]byte, []int) { +// Deprecated: Use Oauth2.ProtoReflect.Descriptor instead. +func (*Oauth2) Descriptor() ([]byte, []int) { return file_wso2_discovery_api_api_authentication_proto_rawDescGZIP(), []int{2} } -func (x *APIAuthentication) GetDisabled() bool { - if x != nil { - return x.Disabled - } - return false -} - -func (x *APIAuthentication) GetJwt() *JWT { +func (x *Oauth2) GetHeader() string { if x != nil { - return x.Jwt - } - return nil -} - -func (x *APIAuthentication) GetApikey() []*APIKey { - if x != nil { - return x.Apikey + return x.Header } - return nil + return "" } -func (x *APIAuthentication) GetTestConsoleKey() *TestConsoleKey { +func (x *Oauth2) GetSendTokenToUpstream() bool { if x != nil { - return x.TestConsoleKey + return x.SendTokenToUpstream } - return nil + return false } -type TestConsoleKey struct { +type APIAuthentication struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Header string `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"` // name of the header containing the test key - SendTokenToUpstream bool `protobuf:"varint,2,opt,name=sendTokenToUpstream,proto3" json:"sendTokenToUpstream,omitempty"` // send the token to upstream + Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"` // disable authentication + Jwt *JWT `protobuf:"bytes,2,opt,name=jwt,proto3" json:"jwt,omitempty"` + Apikey []*APIKey `protobuf:"bytes,3,rep,name=apikey,proto3" json:"apikey,omitempty"` + Oauth2 *Oauth2 `protobuf:"bytes,4,opt,name=Oauth2,proto3" json:"Oauth2,omitempty"` } -func (x *TestConsoleKey) Reset() { - *x = TestConsoleKey{} +func (x *APIAuthentication) Reset() { + *x = APIAuthentication{} if protoimpl.UnsafeEnabled { mi := &file_wso2_discovery_api_api_authentication_proto_msgTypes[3] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -244,13 +238,13 @@ func (x *TestConsoleKey) Reset() { } } -func (x *TestConsoleKey) String() string { +func (x *APIAuthentication) String() string { return protoimpl.X.MessageStringOf(x) } -func (*TestConsoleKey) ProtoMessage() {} +func (*APIAuthentication) ProtoMessage() {} -func (x *TestConsoleKey) ProtoReflect() protoreflect.Message { +func (x *APIAuthentication) ProtoReflect() protoreflect.Message { mi := &file_wso2_discovery_api_api_authentication_proto_msgTypes[3] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -262,23 +256,37 @@ func (x *TestConsoleKey) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use TestConsoleKey.ProtoReflect.Descriptor instead. -func (*TestConsoleKey) Descriptor() ([]byte, []int) { +// Deprecated: Use APIAuthentication.ProtoReflect.Descriptor instead. +func (*APIAuthentication) Descriptor() ([]byte, []int) { return file_wso2_discovery_api_api_authentication_proto_rawDescGZIP(), []int{3} } -func (x *TestConsoleKey) GetHeader() string { +func (x *APIAuthentication) GetDisabled() bool { if x != nil { - return x.Header + return x.Disabled } - return "" + return false } -func (x *TestConsoleKey) GetSendTokenToUpstream() bool { +func (x *APIAuthentication) GetJwt() *JWT { if x != nil { - return x.SendTokenToUpstream + return x.Jwt } - return false + return nil +} + +func (x *APIAuthentication) GetApikey() []*APIKey { + if x != nil { + return x.Apikey + } + return nil +} + +func (x *APIAuthentication) GetOauth2() *Oauth2 { + if x != nil { + return x.Oauth2 + } + return nil } var File_wso2_discovery_api_api_authentication_proto protoreflect.FileDescriptor @@ -294,12 +302,19 @@ var file_wso2_discovery_api_api_authentication_proto_rawDesc = []byte{ 0x30, 0x0a, 0x13, 0x73, 0x65, 0x6e, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x6f, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x73, 0x65, 0x6e, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x6f, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, - 0x6d, 0x22, 0x4f, 0x0a, 0x03, 0x4a, 0x57, 0x54, 0x12, 0x16, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, + 0x6d, 0x22, 0x6b, 0x0a, 0x03, 0x4a, 0x57, 0x54, 0x12, 0x16, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x30, 0x0a, 0x13, 0x73, 0x65, 0x6e, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x6f, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x73, 0x65, 0x6e, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x6f, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, - 0x61, 0x6d, 0x22, 0xda, 0x01, 0x0a, 0x11, 0x41, 0x50, 0x49, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, + 0x61, 0x6d, 0x12, 0x1a, 0x0a, 0x08, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x18, 0x03, + 0x20, 0x03, 0x28, 0x09, 0x52, 0x08, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x22, 0x52, + 0x0a, 0x06, 0x4f, 0x61, 0x75, 0x74, 0x68, 0x32, 0x12, 0x16, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, + 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, + 0x12, 0x30, 0x0a, 0x13, 0x73, 0x65, 0x6e, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x6f, 0x55, + 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x73, + 0x65, 0x6e, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x6f, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, + 0x61, 0x6d, 0x22, 0xc2, 0x01, 0x0a, 0x11, 0x41, 0x50, 0x49, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x29, 0x0a, 0x03, 0x6a, 0x77, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, @@ -308,26 +323,18 @@ var file_wso2_discovery_api_api_authentication_proto_rawDesc = []byte{ 0x32, 0x0a, 0x06, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x41, 0x50, 0x49, 0x4b, 0x65, 0x79, 0x52, 0x06, 0x61, 0x70, 0x69, - 0x6b, 0x65, 0x79, 0x12, 0x4a, 0x0a, 0x0e, 0x74, 0x65, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x6f, - 0x6c, 0x65, 0x4b, 0x65, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x77, 0x73, - 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, - 0x2e, 0x54, 0x65, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x6f, 0x6c, 0x65, 0x4b, 0x65, 0x79, 0x52, - 0x0e, 0x74, 0x65, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x6f, 0x6c, 0x65, 0x4b, 0x65, 0x79, 0x22, - 0x5a, 0x0a, 0x0e, 0x54, 0x65, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x6f, 0x6c, 0x65, 0x4b, 0x65, - 0x79, 0x12, 0x16, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x30, 0x0a, 0x13, 0x73, 0x65, 0x6e, - 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x6f, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x73, 0x65, 0x6e, 0x64, 0x54, 0x6f, 0x6b, 0x65, - 0x6e, 0x54, 0x6f, 0x55, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x42, 0x7e, 0x0a, 0x23, 0x6f, - 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, - 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, - 0x70, 0x69, 0x42, 0x16, 0x41, 0x50, 0x49, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x69, - 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, - 0x6f, 0x78, 0x79, 0x2f, 0x67, 0x6f, 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x2d, 0x70, - 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, - 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x3b, 0x61, 0x70, 0x69, 0x62, 0x06, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x33, + 0x6b, 0x65, 0x79, 0x12, 0x32, 0x0a, 0x06, 0x4f, 0x61, 0x75, 0x74, 0x68, 0x32, 0x18, 0x04, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, + 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x4f, 0x61, 0x75, 0x74, 0x68, 0x32, 0x52, + 0x06, 0x4f, 0x61, 0x75, 0x74, 0x68, 0x32, 0x42, 0x7e, 0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x77, + 0x73, 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, + 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x42, 0x16, + 0x41, 0x50, 0x49, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, + 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, + 0x67, 0x6f, 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x2d, 0x70, 0x6c, 0x61, 0x6e, 0x65, + 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, + 0x61, 0x70, 0x69, 0x3b, 0x61, 0x70, 0x69, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -346,13 +353,13 @@ var file_wso2_discovery_api_api_authentication_proto_msgTypes = make([]protoimpl var file_wso2_discovery_api_api_authentication_proto_goTypes = []interface{}{ (*APIKey)(nil), // 0: wso2.discovery.api.APIKey (*JWT)(nil), // 1: wso2.discovery.api.JWT - (*APIAuthentication)(nil), // 2: wso2.discovery.api.APIAuthentication - (*TestConsoleKey)(nil), // 3: wso2.discovery.api.TestConsoleKey + (*Oauth2)(nil), // 2: wso2.discovery.api.Oauth2 + (*APIAuthentication)(nil), // 3: wso2.discovery.api.APIAuthentication } var file_wso2_discovery_api_api_authentication_proto_depIdxs = []int32{ 1, // 0: wso2.discovery.api.APIAuthentication.jwt:type_name -> wso2.discovery.api.JWT 0, // 1: wso2.discovery.api.APIAuthentication.apikey:type_name -> wso2.discovery.api.APIKey - 3, // 2: wso2.discovery.api.APIAuthentication.testConsoleKey:type_name -> wso2.discovery.api.TestConsoleKey + 2, // 2: wso2.discovery.api.APIAuthentication.Oauth2:type_name -> wso2.discovery.api.Oauth2 3, // [3:3] is the sub-list for method output_type 3, // [3:3] is the sub-list for method input_type 3, // [3:3] is the sub-list for extension type_name @@ -391,7 +398,7 @@ func file_wso2_discovery_api_api_authentication_proto_init() { } } file_wso2_discovery_api_api_authentication_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*APIAuthentication); i { + switch v := v.(*Oauth2); i { case 0: return &v.state case 1: @@ -403,7 +410,7 @@ func file_wso2_discovery_api_api_authentication_proto_init() { } } file_wso2_discovery_api_api_authentication_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*TestConsoleKey); i { + switch v := v.(*APIAuthentication); i { case 0: return &v.state case 1: diff --git a/adapter/pkg/discovery/api/wso2/discovery/service/apkmgt/eventds.pb.go b/adapter/pkg/discovery/api/wso2/discovery/service/apkmgt/eventds.pb.go new file mode 100644 index 0000000000..44197804ab --- /dev/null +++ b/adapter/pkg/discovery/api/wso2/discovery/service/apkmgt/eventds.pb.go @@ -0,0 +1,278 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.25.0-devel +// protoc v3.13.0 +// source: wso2/discovery/service/apkmgt/eventds.proto + +package apkmgt + +import ( + context "context" + subscription "github.com/wso2/apk/adapter/pkg/discovery/api/wso2/discovery/subscription" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type Request struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Event string `protobuf:"bytes,1,opt,name=event,proto3" json:"event,omitempty"` +} + +func (x *Request) Reset() { + *x = Request{} + if protoimpl.UnsafeEnabled { + mi := &file_wso2_discovery_service_apkmgt_eventds_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Request) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Request) ProtoMessage() {} + +func (x *Request) ProtoReflect() protoreflect.Message { + mi := &file_wso2_discovery_service_apkmgt_eventds_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Request.ProtoReflect.Descriptor instead. +func (*Request) Descriptor() ([]byte, []int) { + return file_wso2_discovery_service_apkmgt_eventds_proto_rawDescGZIP(), []int{0} +} + +func (x *Request) GetEvent() string { + if x != nil { + return x.Event + } + return "" +} + +var File_wso2_discovery_service_apkmgt_eventds_proto protoreflect.FileDescriptor + +var file_wso2_discovery_service_apkmgt_eventds_proto_rawDesc = []byte{ + 0x0a, 0x2b, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2f, 0x61, 0x70, 0x6b, 0x6d, 0x67, 0x74, 0x2f, + 0x65, 0x76, 0x65, 0x6e, 0x74, 0x64, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x64, + 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, + 0x2e, 0x61, 0x70, 0x6b, 0x6d, 0x67, 0x74, 0x1a, 0x27, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, + 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, + 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x22, 0x1f, 0x0a, 0x07, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x65, + 0x76, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x76, 0x65, 0x6e, + 0x74, 0x32, 0x6f, 0x0a, 0x12, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, + 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x59, 0x0a, 0x0c, 0x53, 0x74, 0x72, 0x65, 0x61, + 0x6d, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x21, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, + 0x65, 0x72, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x61, 0x70, 0x6b, 0x6d, + 0x67, 0x74, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x77, 0x73, 0x6f, + 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, + 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x22, 0x00, + 0x30, 0x01, 0x42, 0x95, 0x01, 0x0a, 0x2e, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, + 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, 0x73, + 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x61, + 0x70, 0x6b, 0x6d, 0x67, 0x74, 0x42, 0x11, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x4b, 0x67, 0x69, 0x74, 0x68, + 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x61, 0x70, 0x6b, 0x2f, + 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x64, 0x69, 0x73, 0x63, + 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, + 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, + 0x2f, 0x61, 0x70, 0x6b, 0x6d, 0x67, 0x74, 0x88, 0x01, 0x01, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x33, +} + +var ( + file_wso2_discovery_service_apkmgt_eventds_proto_rawDescOnce sync.Once + file_wso2_discovery_service_apkmgt_eventds_proto_rawDescData = file_wso2_discovery_service_apkmgt_eventds_proto_rawDesc +) + +func file_wso2_discovery_service_apkmgt_eventds_proto_rawDescGZIP() []byte { + file_wso2_discovery_service_apkmgt_eventds_proto_rawDescOnce.Do(func() { + file_wso2_discovery_service_apkmgt_eventds_proto_rawDescData = protoimpl.X.CompressGZIP(file_wso2_discovery_service_apkmgt_eventds_proto_rawDescData) + }) + return file_wso2_discovery_service_apkmgt_eventds_proto_rawDescData +} + +var file_wso2_discovery_service_apkmgt_eventds_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_wso2_discovery_service_apkmgt_eventds_proto_goTypes = []interface{}{ + (*Request)(nil), // 0: discovery.service.apkmgt.Request + (*subscription.Event)(nil), // 1: wso2.discovery.subscription.Event +} +var file_wso2_discovery_service_apkmgt_eventds_proto_depIdxs = []int32{ + 0, // 0: discovery.service.apkmgt.EventStreamService.StreamEvents:input_type -> discovery.service.apkmgt.Request + 1, // 1: discovery.service.apkmgt.EventStreamService.StreamEvents:output_type -> wso2.discovery.subscription.Event + 1, // [1:2] is the sub-list for method output_type + 0, // [0:1] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_wso2_discovery_service_apkmgt_eventds_proto_init() } +func file_wso2_discovery_service_apkmgt_eventds_proto_init() { + if File_wso2_discovery_service_apkmgt_eventds_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_wso2_discovery_service_apkmgt_eventds_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Request); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_wso2_discovery_service_apkmgt_eventds_proto_rawDesc, + NumEnums: 0, + NumMessages: 1, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_wso2_discovery_service_apkmgt_eventds_proto_goTypes, + DependencyIndexes: file_wso2_discovery_service_apkmgt_eventds_proto_depIdxs, + MessageInfos: file_wso2_discovery_service_apkmgt_eventds_proto_msgTypes, + }.Build() + File_wso2_discovery_service_apkmgt_eventds_proto = out.File + file_wso2_discovery_service_apkmgt_eventds_proto_rawDesc = nil + file_wso2_discovery_service_apkmgt_eventds_proto_goTypes = nil + file_wso2_discovery_service_apkmgt_eventds_proto_depIdxs = nil +} + +// Reference imports to suppress errors if they are not otherwise used. +var _ context.Context +var _ grpc.ClientConnInterface + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +const _ = grpc.SupportPackageIsVersion6 + +// EventStreamServiceClient is the client API for EventStreamService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. +type EventStreamServiceClient interface { + StreamEvents(ctx context.Context, in *Request, opts ...grpc.CallOption) (EventStreamService_StreamEventsClient, error) +} + +type eventStreamServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewEventStreamServiceClient(cc grpc.ClientConnInterface) EventStreamServiceClient { + return &eventStreamServiceClient{cc} +} + +func (c *eventStreamServiceClient) StreamEvents(ctx context.Context, in *Request, opts ...grpc.CallOption) (EventStreamService_StreamEventsClient, error) { + stream, err := c.cc.NewStream(ctx, &_EventStreamService_serviceDesc.Streams[0], "/discovery.service.apkmgt.EventStreamService/StreamEvents", opts...) + if err != nil { + return nil, err + } + x := &eventStreamServiceStreamEventsClient{stream} + if err := x.ClientStream.SendMsg(in); err != nil { + return nil, err + } + if err := x.ClientStream.CloseSend(); err != nil { + return nil, err + } + return x, nil +} + +type EventStreamService_StreamEventsClient interface { + Recv() (*subscription.Event, error) + grpc.ClientStream +} + +type eventStreamServiceStreamEventsClient struct { + grpc.ClientStream +} + +func (x *eventStreamServiceStreamEventsClient) Recv() (*subscription.Event, error) { + m := new(subscription.Event) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} + +// EventStreamServiceServer is the server API for EventStreamService service. +type EventStreamServiceServer interface { + StreamEvents(*Request, EventStreamService_StreamEventsServer) error +} + +// UnimplementedEventStreamServiceServer can be embedded to have forward compatible implementations. +type UnimplementedEventStreamServiceServer struct { +} + +func (*UnimplementedEventStreamServiceServer) StreamEvents(*Request, EventStreamService_StreamEventsServer) error { + return status.Errorf(codes.Unimplemented, "method StreamEvents not implemented") +} + +func RegisterEventStreamServiceServer(s *grpc.Server, srv EventStreamServiceServer) { + s.RegisterService(&_EventStreamService_serviceDesc, srv) +} + +func _EventStreamService_StreamEvents_Handler(srv interface{}, stream grpc.ServerStream) error { + m := new(Request) + if err := stream.RecvMsg(m); err != nil { + return err + } + return srv.(EventStreamServiceServer).StreamEvents(m, &eventStreamServiceStreamEventsServer{stream}) +} + +type EventStreamService_StreamEventsServer interface { + Send(*subscription.Event) error + grpc.ServerStream +} + +type eventStreamServiceStreamEventsServer struct { + grpc.ServerStream +} + +func (x *eventStreamServiceStreamEventsServer) Send(m *subscription.Event) error { + return x.ServerStream.SendMsg(m) +} + +var _EventStreamService_serviceDesc = grpc.ServiceDesc{ + ServiceName: "discovery.service.apkmgt.EventStreamService", + HandlerType: (*EventStreamServiceServer)(nil), + Methods: []grpc.MethodDesc{}, + Streams: []grpc.StreamDesc{ + { + StreamName: "StreamEvents", + Handler: _EventStreamService_StreamEvents_Handler, + ServerStreams: true, + }, + }, + Metadata: "wso2/discovery/service/apkmgt/eventds.proto", +} diff --git a/adapter/pkg/discovery/api/wso2/discovery/subscription/application.pb.go b/adapter/pkg/discovery/api/wso2/discovery/subscription/application.pb.go new file mode 100644 index 0000000000..e40dd74c27 --- /dev/null +++ b/adapter/pkg/discovery/api/wso2/discovery/subscription/application.pb.go @@ -0,0 +1,218 @@ +// +// Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.25.0-devel +// protoc v3.13.0 +// source: wso2/discovery/subscription/application.proto + +package subscription + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// Application data model +type Application struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Uuid string `protobuf:"bytes,1,opt,name=uuid,proto3" json:"uuid,omitempty"` + Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` + Owner string `protobuf:"bytes,3,opt,name=owner,proto3" json:"owner,omitempty"` + Organization string `protobuf:"bytes,4,opt,name=organization,proto3" json:"organization,omitempty"` + Attributes map[string]string `protobuf:"bytes,5,rep,name=attributes,proto3" json:"attributes,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` +} + +func (x *Application) Reset() { + *x = Application{} + if protoimpl.UnsafeEnabled { + mi := &file_wso2_discovery_subscription_application_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Application) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Application) ProtoMessage() {} + +func (x *Application) ProtoReflect() protoreflect.Message { + mi := &file_wso2_discovery_subscription_application_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Application.ProtoReflect.Descriptor instead. +func (*Application) Descriptor() ([]byte, []int) { + return file_wso2_discovery_subscription_application_proto_rawDescGZIP(), []int{0} +} + +func (x *Application) GetUuid() string { + if x != nil { + return x.Uuid + } + return "" +} + +func (x *Application) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *Application) GetOwner() string { + if x != nil { + return x.Owner + } + return "" +} + +func (x *Application) GetOrganization() string { + if x != nil { + return x.Organization + } + return "" +} + +func (x *Application) GetAttributes() map[string]string { + if x != nil { + return x.Attributes + } + return nil +} + +var File_wso2_discovery_subscription_application_proto protoreflect.FileDescriptor + +var file_wso2_discovery_subscription_application_proto_rawDesc = []byte{ + 0x0a, 0x2d, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x61, 0x70, + 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, + 0x1b, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, + 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x88, 0x02, 0x0a, + 0x0b, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, + 0x75, 0x75, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x75, 0x69, 0x64, + 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x6f, 0x77, 0x6e, 0x65, 0x72, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x05, 0x6f, 0x77, 0x6e, 0x65, 0x72, 0x12, 0x22, 0x0a, 0x0c, 0x6f, 0x72, + 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0c, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x58, + 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x05, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x38, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, + 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, + 0x2e, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x41, 0x74, 0x74, + 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0a, 0x61, 0x74, + 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x1a, 0x3d, 0x0a, 0x0f, 0x41, 0x74, 0x74, 0x72, + 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, + 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, + 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x8d, 0x01, 0x0a, 0x2c, 0x6f, 0x72, 0x67, 0x2e, + 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, + 0x72, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, + 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x10, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x49, 0x67, 0x69, + 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x61, 0x70, + 0x6b, 0x2f, 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x64, 0x69, + 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x77, 0x73, 0x6f, 0x32, + 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, + 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_wso2_discovery_subscription_application_proto_rawDescOnce sync.Once + file_wso2_discovery_subscription_application_proto_rawDescData = file_wso2_discovery_subscription_application_proto_rawDesc +) + +func file_wso2_discovery_subscription_application_proto_rawDescGZIP() []byte { + file_wso2_discovery_subscription_application_proto_rawDescOnce.Do(func() { + file_wso2_discovery_subscription_application_proto_rawDescData = protoimpl.X.CompressGZIP(file_wso2_discovery_subscription_application_proto_rawDescData) + }) + return file_wso2_discovery_subscription_application_proto_rawDescData +} + +var file_wso2_discovery_subscription_application_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_wso2_discovery_subscription_application_proto_goTypes = []interface{}{ + (*Application)(nil), // 0: wso2.discovery.subscription.Application + nil, // 1: wso2.discovery.subscription.Application.AttributesEntry +} +var file_wso2_discovery_subscription_application_proto_depIdxs = []int32{ + 1, // 0: wso2.discovery.subscription.Application.attributes:type_name -> wso2.discovery.subscription.Application.AttributesEntry + 1, // [1:1] is the sub-list for method output_type + 1, // [1:1] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name +} + +func init() { file_wso2_discovery_subscription_application_proto_init() } +func file_wso2_discovery_subscription_application_proto_init() { + if File_wso2_discovery_subscription_application_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_wso2_discovery_subscription_application_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Application); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_wso2_discovery_subscription_application_proto_rawDesc, + NumEnums: 0, + NumMessages: 2, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_wso2_discovery_subscription_application_proto_goTypes, + DependencyIndexes: file_wso2_discovery_subscription_application_proto_depIdxs, + MessageInfos: file_wso2_discovery_subscription_application_proto_msgTypes, + }.Build() + File_wso2_discovery_subscription_application_proto = out.File + file_wso2_discovery_subscription_application_proto_rawDesc = nil + file_wso2_discovery_subscription_application_proto_goTypes = nil + file_wso2_discovery_subscription_application_proto_depIdxs = nil +} diff --git a/adapter/pkg/discovery/api/wso2/discovery/subscription/application_key_mapping.pb.go b/adapter/pkg/discovery/api/wso2/discovery/subscription/application_key_mapping.pb.go new file mode 100644 index 0000000000..84cd52c21b --- /dev/null +++ b/adapter/pkg/discovery/api/wso2/discovery/subscription/application_key_mapping.pb.go @@ -0,0 +1,234 @@ +// +// Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.25.0-devel +// protoc v3.13.0 +// source: wso2/discovery/subscription/application_key_mapping.proto + +package subscription + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// ApplicationKeyMapping data model +type ApplicationKeyMapping struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ApplicationUUID string `protobuf:"bytes,1,opt,name=applicationUUID,proto3" json:"applicationUUID,omitempty"` + SecurityScheme string `protobuf:"bytes,2,opt,name=securityScheme,proto3" json:"securityScheme,omitempty"` + ApplicationIdentifier string `protobuf:"bytes,3,opt,name=applicationIdentifier,proto3" json:"applicationIdentifier,omitempty"` + KeyType string `protobuf:"bytes,4,opt,name=keyType,proto3" json:"keyType,omitempty"` + EnvID string `protobuf:"bytes,5,opt,name=envID,proto3" json:"envID,omitempty"` + Timestamp int64 `protobuf:"varint,6,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + Organization string `protobuf:"bytes,7,opt,name=organization,proto3" json:"organization,omitempty"` +} + +func (x *ApplicationKeyMapping) Reset() { + *x = ApplicationKeyMapping{} + if protoimpl.UnsafeEnabled { + mi := &file_wso2_discovery_subscription_application_key_mapping_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ApplicationKeyMapping) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ApplicationKeyMapping) ProtoMessage() {} + +func (x *ApplicationKeyMapping) ProtoReflect() protoreflect.Message { + mi := &file_wso2_discovery_subscription_application_key_mapping_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ApplicationKeyMapping.ProtoReflect.Descriptor instead. +func (*ApplicationKeyMapping) Descriptor() ([]byte, []int) { + return file_wso2_discovery_subscription_application_key_mapping_proto_rawDescGZIP(), []int{0} +} + +func (x *ApplicationKeyMapping) GetApplicationUUID() string { + if x != nil { + return x.ApplicationUUID + } + return "" +} + +func (x *ApplicationKeyMapping) GetSecurityScheme() string { + if x != nil { + return x.SecurityScheme + } + return "" +} + +func (x *ApplicationKeyMapping) GetApplicationIdentifier() string { + if x != nil { + return x.ApplicationIdentifier + } + return "" +} + +func (x *ApplicationKeyMapping) GetKeyType() string { + if x != nil { + return x.KeyType + } + return "" +} + +func (x *ApplicationKeyMapping) GetEnvID() string { + if x != nil { + return x.EnvID + } + return "" +} + +func (x *ApplicationKeyMapping) GetTimestamp() int64 { + if x != nil { + return x.Timestamp + } + return 0 +} + +func (x *ApplicationKeyMapping) GetOrganization() string { + if x != nil { + return x.Organization + } + return "" +} + +var File_wso2_discovery_subscription_application_key_mapping_proto protoreflect.FileDescriptor + +var file_wso2_discovery_subscription_application_key_mapping_proto_rawDesc = []byte{ + 0x0a, 0x39, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x61, 0x70, + 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x6d, 0x61, + 0x70, 0x70, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x77, 0x73, 0x6f, + 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, + 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x91, 0x02, 0x0a, 0x15, 0x41, 0x70, 0x70, + 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x4d, 0x61, 0x70, 0x70, 0x69, + 0x6e, 0x67, 0x12, 0x28, 0x0a, 0x0f, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x55, 0x55, 0x49, 0x44, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x61, 0x70, 0x70, + 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x55, 0x55, 0x49, 0x44, 0x12, 0x26, 0x0a, 0x0e, + 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x53, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x53, 0x63, + 0x68, 0x65, 0x6d, 0x65, 0x12, 0x34, 0x0a, 0x15, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x15, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x6b, 0x65, + 0x79, 0x54, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6b, 0x65, 0x79, + 0x54, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6e, 0x76, 0x49, 0x44, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x6e, 0x76, 0x49, 0x44, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, + 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, + 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x22, 0x0a, 0x0c, 0x6f, 0x72, 0x67, 0x61, + 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, + 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x97, 0x01, 0x0a, + 0x2c, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, + 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x1a, 0x41, + 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x4d, 0x61, 0x70, + 0x70, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x49, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x61, 0x70, 0x6b, + 0x2f, 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x64, 0x69, 0x73, + 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, + 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_wso2_discovery_subscription_application_key_mapping_proto_rawDescOnce sync.Once + file_wso2_discovery_subscription_application_key_mapping_proto_rawDescData = file_wso2_discovery_subscription_application_key_mapping_proto_rawDesc +) + +func file_wso2_discovery_subscription_application_key_mapping_proto_rawDescGZIP() []byte { + file_wso2_discovery_subscription_application_key_mapping_proto_rawDescOnce.Do(func() { + file_wso2_discovery_subscription_application_key_mapping_proto_rawDescData = protoimpl.X.CompressGZIP(file_wso2_discovery_subscription_application_key_mapping_proto_rawDescData) + }) + return file_wso2_discovery_subscription_application_key_mapping_proto_rawDescData +} + +var file_wso2_discovery_subscription_application_key_mapping_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_wso2_discovery_subscription_application_key_mapping_proto_goTypes = []interface{}{ + (*ApplicationKeyMapping)(nil), // 0: wso2.discovery.subscription.ApplicationKeyMapping +} +var file_wso2_discovery_subscription_application_key_mapping_proto_depIdxs = []int32{ + 0, // [0:0] is the sub-list for method output_type + 0, // [0:0] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_wso2_discovery_subscription_application_key_mapping_proto_init() } +func file_wso2_discovery_subscription_application_key_mapping_proto_init() { + if File_wso2_discovery_subscription_application_key_mapping_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_wso2_discovery_subscription_application_key_mapping_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ApplicationKeyMapping); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_wso2_discovery_subscription_application_key_mapping_proto_rawDesc, + NumEnums: 0, + NumMessages: 1, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_wso2_discovery_subscription_application_key_mapping_proto_goTypes, + DependencyIndexes: file_wso2_discovery_subscription_application_key_mapping_proto_depIdxs, + MessageInfos: file_wso2_discovery_subscription_application_key_mapping_proto_msgTypes, + }.Build() + File_wso2_discovery_subscription_application_key_mapping_proto = out.File + file_wso2_discovery_subscription_application_key_mapping_proto_rawDesc = nil + file_wso2_discovery_subscription_application_key_mapping_proto_goTypes = nil + file_wso2_discovery_subscription_application_key_mapping_proto_depIdxs = nil +} diff --git a/adapter/pkg/discovery/api/wso2/discovery/subscription/applicationmapping.pb.go b/adapter/pkg/discovery/api/wso2/discovery/subscription/applicationmapping.pb.go new file mode 100644 index 0000000000..3fc5710440 --- /dev/null +++ b/adapter/pkg/discovery/api/wso2/discovery/subscription/applicationmapping.pb.go @@ -0,0 +1,203 @@ +// +// Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.25.0-devel +// protoc v3.13.0 +// source: wso2/discovery/subscription/applicationmapping.proto + +package subscription + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// ApplicationMapping data model +type ApplicationMapping struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Uuid string `protobuf:"bytes,1,opt,name=uuid,proto3" json:"uuid,omitempty"` + ApplicationRef string `protobuf:"bytes,2,opt,name=applicationRef,proto3" json:"applicationRef,omitempty"` + SubscriptionRef string `protobuf:"bytes,3,opt,name=subscriptionRef,proto3" json:"subscriptionRef,omitempty"` + Organization string `protobuf:"bytes,4,opt,name=organization,proto3" json:"organization,omitempty"` +} + +func (x *ApplicationMapping) Reset() { + *x = ApplicationMapping{} + if protoimpl.UnsafeEnabled { + mi := &file_wso2_discovery_subscription_applicationmapping_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ApplicationMapping) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ApplicationMapping) ProtoMessage() {} + +func (x *ApplicationMapping) ProtoReflect() protoreflect.Message { + mi := &file_wso2_discovery_subscription_applicationmapping_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ApplicationMapping.ProtoReflect.Descriptor instead. +func (*ApplicationMapping) Descriptor() ([]byte, []int) { + return file_wso2_discovery_subscription_applicationmapping_proto_rawDescGZIP(), []int{0} +} + +func (x *ApplicationMapping) GetUuid() string { + if x != nil { + return x.Uuid + } + return "" +} + +func (x *ApplicationMapping) GetApplicationRef() string { + if x != nil { + return x.ApplicationRef + } + return "" +} + +func (x *ApplicationMapping) GetSubscriptionRef() string { + if x != nil { + return x.SubscriptionRef + } + return "" +} + +func (x *ApplicationMapping) GetOrganization() string { + if x != nil { + return x.Organization + } + return "" +} + +var File_wso2_discovery_subscription_applicationmapping_proto protoreflect.FileDescriptor + +var file_wso2_discovery_subscription_applicationmapping_proto_rawDesc = []byte{ + 0x0a, 0x34, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x61, 0x70, + 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x6d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, + 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x22, 0x9e, 0x01, 0x0a, 0x12, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x75, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x75, 0x69, 0x64, 0x12, 0x26, + 0x0a, 0x0e, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x66, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x66, 0x12, 0x28, 0x0a, 0x0f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x66, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x66, + 0x12, 0x22, 0x0a, 0x0c, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x94, 0x01, 0x0a, 0x2c, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, + 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, + 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x17, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, + 0x5a, 0x49, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x77, 0x73, 0x6f, + 0x32, 0x2f, 0x61, 0x70, 0x6b, 0x2f, 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x2f, 0x70, 0x6b, + 0x67, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, + 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, + 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x33, +} + +var ( + file_wso2_discovery_subscription_applicationmapping_proto_rawDescOnce sync.Once + file_wso2_discovery_subscription_applicationmapping_proto_rawDescData = file_wso2_discovery_subscription_applicationmapping_proto_rawDesc +) + +func file_wso2_discovery_subscription_applicationmapping_proto_rawDescGZIP() []byte { + file_wso2_discovery_subscription_applicationmapping_proto_rawDescOnce.Do(func() { + file_wso2_discovery_subscription_applicationmapping_proto_rawDescData = protoimpl.X.CompressGZIP(file_wso2_discovery_subscription_applicationmapping_proto_rawDescData) + }) + return file_wso2_discovery_subscription_applicationmapping_proto_rawDescData +} + +var file_wso2_discovery_subscription_applicationmapping_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_wso2_discovery_subscription_applicationmapping_proto_goTypes = []interface{}{ + (*ApplicationMapping)(nil), // 0: wso2.discovery.subscription.ApplicationMapping +} +var file_wso2_discovery_subscription_applicationmapping_proto_depIdxs = []int32{ + 0, // [0:0] is the sub-list for method output_type + 0, // [0:0] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_wso2_discovery_subscription_applicationmapping_proto_init() } +func file_wso2_discovery_subscription_applicationmapping_proto_init() { + if File_wso2_discovery_subscription_applicationmapping_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_wso2_discovery_subscription_applicationmapping_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ApplicationMapping); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_wso2_discovery_subscription_applicationmapping_proto_rawDesc, + NumEnums: 0, + NumMessages: 1, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_wso2_discovery_subscription_applicationmapping_proto_goTypes, + DependencyIndexes: file_wso2_discovery_subscription_applicationmapping_proto_depIdxs, + MessageInfos: file_wso2_discovery_subscription_applicationmapping_proto_msgTypes, + }.Build() + File_wso2_discovery_subscription_applicationmapping_proto = out.File + file_wso2_discovery_subscription_applicationmapping_proto_rawDesc = nil + file_wso2_discovery_subscription_applicationmapping_proto_goTypes = nil + file_wso2_discovery_subscription_applicationmapping_proto_depIdxs = nil +} diff --git a/adapter/pkg/discovery/api/wso2/discovery/subscription/event.pb.go b/adapter/pkg/discovery/api/wso2/discovery/subscription/event.pb.go new file mode 100644 index 0000000000..bb97a44e6f --- /dev/null +++ b/adapter/pkg/discovery/api/wso2/discovery/subscription/event.pb.go @@ -0,0 +1,267 @@ +// +// Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.25.0-devel +// protoc v3.13.0 +// source: wso2/discovery/subscription/event.proto + +package subscription + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// Event data model +type Event struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Uuid string `protobuf:"bytes,1,opt,name=uuid,proto3" json:"uuid,omitempty"` + TimeStamp int64 `protobuf:"varint,2,opt,name=timeStamp,proto3" json:"timeStamp,omitempty"` + Type string `protobuf:"bytes,3,opt,name=type,proto3" json:"type,omitempty"` + Application *Application `protobuf:"bytes,4,opt,name=application,proto3" json:"application,omitempty"` + ApplicationMapping *ApplicationMapping `protobuf:"bytes,5,opt,name=applicationMapping,proto3" json:"applicationMapping,omitempty"` + ApplicationKeyMapping *ApplicationKeyMapping `protobuf:"bytes,6,opt,name=applicationKeyMapping,proto3" json:"applicationKeyMapping,omitempty"` + Subscription *Subscription `protobuf:"bytes,7,opt,name=subscription,proto3" json:"subscription,omitempty"` +} + +func (x *Event) Reset() { + *x = Event{} + if protoimpl.UnsafeEnabled { + mi := &file_wso2_discovery_subscription_event_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Event) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Event) ProtoMessage() {} + +func (x *Event) ProtoReflect() protoreflect.Message { + mi := &file_wso2_discovery_subscription_event_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Event.ProtoReflect.Descriptor instead. +func (*Event) Descriptor() ([]byte, []int) { + return file_wso2_discovery_subscription_event_proto_rawDescGZIP(), []int{0} +} + +func (x *Event) GetUuid() string { + if x != nil { + return x.Uuid + } + return "" +} + +func (x *Event) GetTimeStamp() int64 { + if x != nil { + return x.TimeStamp + } + return 0 +} + +func (x *Event) GetType() string { + if x != nil { + return x.Type + } + return "" +} + +func (x *Event) GetApplication() *Application { + if x != nil { + return x.Application + } + return nil +} + +func (x *Event) GetApplicationMapping() *ApplicationMapping { + if x != nil { + return x.ApplicationMapping + } + return nil +} + +func (x *Event) GetApplicationKeyMapping() *ApplicationKeyMapping { + if x != nil { + return x.ApplicationKeyMapping + } + return nil +} + +func (x *Event) GetSubscription() *Subscription { + if x != nil { + return x.Subscription + } + return nil +} + +var File_wso2_discovery_subscription_event_proto protoreflect.FileDescriptor + +var file_wso2_discovery_subscription_event_proto_rawDesc = []byte{ + 0x0a, 0x27, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x65, 0x76, + 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x77, 0x73, 0x6f, 0x32, 0x2e, + 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0x2d, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, + 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x2f, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x34, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, + 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, + 0x6f, 0x6e, 0x2f, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x6d, 0x61, + 0x70, 0x70, 0x69, 0x6e, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x39, 0x77, 0x73, 0x6f, + 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, + 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x6d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, + 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xb3, 0x03, 0x0a, 0x05, 0x45, 0x76, 0x65, 0x6e, 0x74, + 0x12, 0x12, 0x0a, 0x04, 0x75, 0x75, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, + 0x75, 0x75, 0x69, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x53, 0x74, 0x61, 0x6d, + 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x53, 0x74, 0x61, + 0x6d, 0x70, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x4a, 0x0a, 0x0b, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x77, 0x73, + 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, + 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x12, 0x5f, 0x0a, 0x12, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, + 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, + 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x41, 0x70, 0x70, + 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52, + 0x12, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, + 0x69, 0x6e, 0x67, 0x12, 0x68, 0x0a, 0x15, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x18, 0x06, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, + 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, + 0x2e, 0x41, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x4d, + 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52, 0x15, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x4d, 0x0a, + 0x0c, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, + 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, + 0x6e, 0x2e, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0c, + 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x87, 0x01, 0x0a, + 0x2c, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, + 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0a, 0x45, + 0x76, 0x65, 0x6e, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x49, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x61, 0x70, 0x6b, + 0x2f, 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x64, 0x69, 0x73, + 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, + 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_wso2_discovery_subscription_event_proto_rawDescOnce sync.Once + file_wso2_discovery_subscription_event_proto_rawDescData = file_wso2_discovery_subscription_event_proto_rawDesc +) + +func file_wso2_discovery_subscription_event_proto_rawDescGZIP() []byte { + file_wso2_discovery_subscription_event_proto_rawDescOnce.Do(func() { + file_wso2_discovery_subscription_event_proto_rawDescData = protoimpl.X.CompressGZIP(file_wso2_discovery_subscription_event_proto_rawDescData) + }) + return file_wso2_discovery_subscription_event_proto_rawDescData +} + +var file_wso2_discovery_subscription_event_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_wso2_discovery_subscription_event_proto_goTypes = []interface{}{ + (*Event)(nil), // 0: wso2.discovery.subscription.Event + (*Application)(nil), // 1: wso2.discovery.subscription.Application + (*ApplicationMapping)(nil), // 2: wso2.discovery.subscription.ApplicationMapping + (*ApplicationKeyMapping)(nil), // 3: wso2.discovery.subscription.ApplicationKeyMapping + (*Subscription)(nil), // 4: wso2.discovery.subscription.Subscription +} +var file_wso2_discovery_subscription_event_proto_depIdxs = []int32{ + 1, // 0: wso2.discovery.subscription.Event.application:type_name -> wso2.discovery.subscription.Application + 2, // 1: wso2.discovery.subscription.Event.applicationMapping:type_name -> wso2.discovery.subscription.ApplicationMapping + 3, // 2: wso2.discovery.subscription.Event.applicationKeyMapping:type_name -> wso2.discovery.subscription.ApplicationKeyMapping + 4, // 3: wso2.discovery.subscription.Event.subscription:type_name -> wso2.discovery.subscription.Subscription + 4, // [4:4] is the sub-list for method output_type + 4, // [4:4] is the sub-list for method input_type + 4, // [4:4] is the sub-list for extension type_name + 4, // [4:4] is the sub-list for extension extendee + 0, // [0:4] is the sub-list for field type_name +} + +func init() { file_wso2_discovery_subscription_event_proto_init() } +func file_wso2_discovery_subscription_event_proto_init() { + if File_wso2_discovery_subscription_event_proto != nil { + return + } + file_wso2_discovery_subscription_application_proto_init() + file_wso2_discovery_subscription_applicationmapping_proto_init() + file_wso2_discovery_subscription_application_key_mapping_proto_init() + file_wso2_discovery_subscription_subscription_proto_init() + if !protoimpl.UnsafeEnabled { + file_wso2_discovery_subscription_event_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Event); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_wso2_discovery_subscription_event_proto_rawDesc, + NumEnums: 0, + NumMessages: 1, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_wso2_discovery_subscription_event_proto_goTypes, + DependencyIndexes: file_wso2_discovery_subscription_event_proto_depIdxs, + MessageInfos: file_wso2_discovery_subscription_event_proto_msgTypes, + }.Build() + File_wso2_discovery_subscription_event_proto = out.File + file_wso2_discovery_subscription_event_proto_rawDesc = nil + file_wso2_discovery_subscription_event_proto_goTypes = nil + file_wso2_discovery_subscription_event_proto_depIdxs = nil +} diff --git a/adapter/pkg/discovery/api/wso2/discovery/subscription/subscription.pb.go b/adapter/pkg/discovery/api/wso2/discovery/subscription/subscription.pb.go new file mode 100644 index 0000000000..a28d255311 --- /dev/null +++ b/adapter/pkg/discovery/api/wso2/discovery/subscription/subscription.pb.go @@ -0,0 +1,276 @@ +// +// Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.25.0-devel +// protoc v3.13.0 +// source: wso2/discovery/subscription/subscription.proto + +package subscription + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// Subscription data model +type Subscription struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + SubStatus string `protobuf:"bytes,1,opt,name=subStatus,proto3" json:"subStatus,omitempty"` + Uuid string `protobuf:"bytes,2,opt,name=uuid,proto3" json:"uuid,omitempty"` + Organization string `protobuf:"bytes,3,opt,name=organization,proto3" json:"organization,omitempty"` + SubscribedApi *SubscribedAPI `protobuf:"bytes,4,opt,name=subscribedApi,proto3" json:"subscribedApi,omitempty"` +} + +func (x *Subscription) Reset() { + *x = Subscription{} + if protoimpl.UnsafeEnabled { + mi := &file_wso2_discovery_subscription_subscription_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Subscription) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Subscription) ProtoMessage() {} + +func (x *Subscription) ProtoReflect() protoreflect.Message { + mi := &file_wso2_discovery_subscription_subscription_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Subscription.ProtoReflect.Descriptor instead. +func (*Subscription) Descriptor() ([]byte, []int) { + return file_wso2_discovery_subscription_subscription_proto_rawDescGZIP(), []int{0} +} + +func (x *Subscription) GetSubStatus() string { + if x != nil { + return x.SubStatus + } + return "" +} + +func (x *Subscription) GetUuid() string { + if x != nil { + return x.Uuid + } + return "" +} + +func (x *Subscription) GetOrganization() string { + if x != nil { + return x.Organization + } + return "" +} + +func (x *Subscription) GetSubscribedApi() *SubscribedAPI { + if x != nil { + return x.SubscribedApi + } + return nil +} + +type SubscribedAPI struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Version string `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"` +} + +func (x *SubscribedAPI) Reset() { + *x = SubscribedAPI{} + if protoimpl.UnsafeEnabled { + mi := &file_wso2_discovery_subscription_subscription_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SubscribedAPI) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SubscribedAPI) ProtoMessage() {} + +func (x *SubscribedAPI) ProtoReflect() protoreflect.Message { + mi := &file_wso2_discovery_subscription_subscription_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SubscribedAPI.ProtoReflect.Descriptor instead. +func (*SubscribedAPI) Descriptor() ([]byte, []int) { + return file_wso2_discovery_subscription_subscription_proto_rawDescGZIP(), []int{1} +} + +func (x *SubscribedAPI) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *SubscribedAPI) GetVersion() string { + if x != nil { + return x.Version + } + return "" +} + +var File_wso2_discovery_subscription_subscription_proto protoreflect.FileDescriptor + +var file_wso2_discovery_subscription_subscription_proto_rawDesc = []byte{ + 0x0a, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x73, 0x75, + 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x12, 0x1b, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, + 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xb6, 0x01, + 0x0a, 0x0c, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1c, + 0x0a, 0x09, 0x73, 0x75, 0x62, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x09, 0x73, 0x75, 0x62, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x12, 0x0a, 0x04, + 0x75, 0x75, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x75, 0x69, 0x64, + 0x12, 0x22, 0x0a, 0x0c, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x50, 0x0a, 0x0d, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, + 0x65, 0x64, 0x41, 0x70, 0x69, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x77, 0x73, + 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, + 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x62, 0x65, 0x64, 0x41, 0x50, 0x49, 0x52, 0x0d, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, + 0x62, 0x65, 0x64, 0x41, 0x70, 0x69, 0x22, 0x3d, 0x0a, 0x0d, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x62, 0x65, 0x64, 0x41, 0x50, 0x49, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x76, + 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, + 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x8e, 0x01, 0x0a, 0x2c, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, + 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, + 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x11, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, + 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x49, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x61, 0x70, 0x6b, + 0x2f, 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x64, 0x69, 0x73, + 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, + 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_wso2_discovery_subscription_subscription_proto_rawDescOnce sync.Once + file_wso2_discovery_subscription_subscription_proto_rawDescData = file_wso2_discovery_subscription_subscription_proto_rawDesc +) + +func file_wso2_discovery_subscription_subscription_proto_rawDescGZIP() []byte { + file_wso2_discovery_subscription_subscription_proto_rawDescOnce.Do(func() { + file_wso2_discovery_subscription_subscription_proto_rawDescData = protoimpl.X.CompressGZIP(file_wso2_discovery_subscription_subscription_proto_rawDescData) + }) + return file_wso2_discovery_subscription_subscription_proto_rawDescData +} + +var file_wso2_discovery_subscription_subscription_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_wso2_discovery_subscription_subscription_proto_goTypes = []interface{}{ + (*Subscription)(nil), // 0: wso2.discovery.subscription.Subscription + (*SubscribedAPI)(nil), // 1: wso2.discovery.subscription.SubscribedAPI +} +var file_wso2_discovery_subscription_subscription_proto_depIdxs = []int32{ + 1, // 0: wso2.discovery.subscription.Subscription.subscribedApi:type_name -> wso2.discovery.subscription.SubscribedAPI + 1, // [1:1] is the sub-list for method output_type + 1, // [1:1] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name +} + +func init() { file_wso2_discovery_subscription_subscription_proto_init() } +func file_wso2_discovery_subscription_subscription_proto_init() { + if File_wso2_discovery_subscription_subscription_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_wso2_discovery_subscription_subscription_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Subscription); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_wso2_discovery_subscription_subscription_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SubscribedAPI); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_wso2_discovery_subscription_subscription_proto_rawDesc, + NumEnums: 0, + NumMessages: 2, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_wso2_discovery_subscription_subscription_proto_goTypes, + DependencyIndexes: file_wso2_discovery_subscription_subscription_proto_depIdxs, + MessageInfos: file_wso2_discovery_subscription_subscription_proto_msgTypes, + }.Build() + File_wso2_discovery_subscription_subscription_proto = out.File + file_wso2_discovery_subscription_subscription_proto_rawDesc = nil + file_wso2_discovery_subscription_subscription_proto_goTypes = nil + file_wso2_discovery_subscription_subscription_proto_depIdxs = nil +} diff --git a/common-go-libs/apis/dp/v1alpha1/authentication_conversion.go b/common-go-libs/apis/dp/v1alpha1/authentication_conversion.go index b60287f245..209f615401 100644 --- a/common-go-libs/apis/dp/v1alpha1/authentication_conversion.go +++ b/common-go-libs/apis/dp/v1alpha1/authentication_conversion.go @@ -71,6 +71,24 @@ func (src *Authentication) ConvertTo(dstRaw conversion.Hub) error { dst.Spec.Override.AuthTypes.APIKey = append(dst.Spec.Override.AuthTypes.APIKey, convertedAPIKeyAuth) } + // Convert testConsoleKey Override to v1alpha2.JWT + if (src.Spec.Override.AuthTypes.TestConsoleKey != (TestConsoleKeyAuth{})) { + dst.Spec.Override.AuthTypes.JWT = v1alpha2.JWT{ + Header: src.Spec.Override.AuthTypes.TestConsoleKey.Header, + SendTokenToUpstream: src.Spec.Override.AuthTypes.TestConsoleKey.SendTokenToUpstream, + Disabled: true, + } + } + + // Convert testConsoleKey Default to v1alpha2.JWT + if (src.Spec.Default.AuthTypes.TestConsoleKey != (TestConsoleKeyAuth{})) { + dst.Spec.Default.AuthTypes.JWT = v1alpha2.JWT{ + Header: src.Spec.Default.AuthTypes.TestConsoleKey.Header, + SendTokenToUpstream: src.Spec.Default.AuthTypes.TestConsoleKey.SendTokenToUpstream, + Disabled: true, + } + } + // Status dst.Status = v1alpha2.AuthenticationStatus(src.Status) @@ -118,6 +136,18 @@ func (src *Authentication) ConvertFrom(srcRaw conversion.Hub) error { src.Spec.Override.AuthTypes.APIKey = append(src.Spec.Override.AuthTypes.APIKey, convertedAPIKeyAuth) } + // Convert testConsoleKey Override to v1alpha1.TestConsoleKey + src.Spec.Override.AuthTypes.TestConsoleKey = TestConsoleKeyAuth{ + Header: dst.Spec.Override.AuthTypes.JWT.Header, + SendTokenToUpstream: dst.Spec.Override.AuthTypes.JWT.SendTokenToUpstream, + } + + // Convert testConsoleKey Default to v1alpha1.TestConsoleKey + src.Spec.Default.AuthTypes.TestConsoleKey = TestConsoleKeyAuth{ + Header: dst.Spec.Default.AuthTypes.JWT.Header, + SendTokenToUpstream: dst.Spec.Default.AuthTypes.JWT.SendTokenToUpstream, + } + // Status src.Status = AuthenticationStatus(dst.Status) return nil diff --git a/common-go-libs/apis/dp/v1alpha2/authentication_types.go b/common-go-libs/apis/dp/v1alpha2/authentication_types.go index b3000fec18..e5175ef7e0 100644 --- a/common-go-libs/apis/dp/v1alpha2/authentication_types.go +++ b/common-go-libs/apis/dp/v1alpha2/authentication_types.go @@ -55,10 +55,10 @@ type APIAuth struct { // +nullable APIKey []APIKeyAuth `json:"apiKey,omitempty"` - // TestConsoleKey is to specify the Test Console Key authentication scheme details + // JWT is to specify the JWT authentication scheme details // // +optional - TestConsoleKey TestConsoleKeyAuth `json:"testConsoleKey,omitempty"` + JWT JWT `json:"jwt,omitempty"` // MutualSSL is to specify the features and certificates for mutual SSL // @@ -91,19 +91,31 @@ type MutualSSLConfig struct { ConfigMapRefs []*RefConfig `json:"configMapRefs,omitempty"` } -// TestConsoleKeyAuth Test Console Key Authentication scheme details -type TestConsoleKeyAuth struct { - // Header is the header name used to pass the Test Console Key +// JWT Json Web Token Authentication scheme details +type JWT struct { + + // Disabled is to disable JWT authentication + // + // +kubebuilder:default=true + // +optional + Disabled bool `json:"disabled"` + + // Header is the header name used to pass the JWT // // +kubebuilder:default:=internal-key // +optional // +kubebuilder:validation:MinLength=1 Header string `json:"header,omitempty"` - // SendTokenToUpstream is to specify whether the Test Console Key should be sent to the upstream + // SendTokenToUpstream is to specify whether the JWT should be sent to the upstream // // +optional SendTokenToUpstream bool `json:"sendTokenToUpstream,omitempty"` + + // Audience that can invoke a corresponding API + // + // +optional + Audience []string `json:"audience,omitempty"` } // Oauth2Auth OAuth2 Authentication scheme details diff --git a/common-go-libs/apis/dp/v1alpha2/zz_generated.deepcopy.go b/common-go-libs/apis/dp/v1alpha2/zz_generated.deepcopy.go index 9f683a1793..0868a66610 100644 --- a/common-go-libs/apis/dp/v1alpha2/zz_generated.deepcopy.go +++ b/common-go-libs/apis/dp/v1alpha2/zz_generated.deepcopy.go @@ -64,7 +64,7 @@ func (in *APIAuth) DeepCopyInto(out *APIAuth) { *out = make([]APIKeyAuth, len(*in)) copy(*out, *in) } - out.TestConsoleKey = in.TestConsoleKey + in.JWT.DeepCopyInto(&out.JWT) if in.MutualSSL != nil { in, out := &in.MutualSSL, &out.MutualSSL *out = new(MutualSSLConfig) @@ -766,6 +766,26 @@ func (in *JWKS) DeepCopy() *JWKS { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWT) DeepCopyInto(out *JWT) { + *out = *in + if in.Audience != nil { + in, out := &in.Audience, &out.Audience + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWT. +func (in *JWT) DeepCopy() *JWT { + if in == nil { + return nil + } + out := new(JWT) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MutualSSL) DeepCopyInto(out *MutualSSL) { *out = *in @@ -939,21 +959,6 @@ func (in *SignatureValidation) DeepCopy() *SignatureValidation { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TestConsoleKeyAuth) DeepCopyInto(out *TestConsoleKeyAuth) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TestConsoleKeyAuth. -func (in *TestConsoleKeyAuth) DeepCopy() *TestConsoleKeyAuth { - if in == nil { - return nil - } - out := new(TestConsoleKeyAuth) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenIssuer) DeepCopyInto(out *TokenIssuer) { *out = *in diff --git a/common-go-libs/config/crd/bases/dp.wso2.com_authentications.yaml b/common-go-libs/config/crd/bases/dp.wso2.com_authentications.yaml index 1418de8c2c..06c91382d0 100644 --- a/common-go-libs/config/crd/bases/dp.wso2.com_authentications.yaml +++ b/common-go-libs/config/crd/bases/dp.wso2.com_authentications.yaml @@ -275,6 +275,31 @@ spec: type: object nullable: true type: array + jwt: + description: JWT is to specify the JWT authentication scheme + details + properties: + audience: + description: Audience that can invoke a corresponding + API + items: + type: string + type: array + disabled: + default: true + description: Disabled is to disable JWT authentication + type: boolean + header: + default: internal-key + description: Header is the header name used to pass the + JWT + minLength: 1 + type: string + sendTokenToUpstream: + description: SendTokenToUpstream is to specify whether + the JWT should be sent to the upstream + type: boolean + type: object mtls: description: MutualSSL is to specify the features and certificates for mutual SSL @@ -364,21 +389,6 @@ spec: the OAuth2 token should be sent to the upstream type: boolean type: object - testConsoleKey: - description: TestConsoleKey is to specify the Test Console - Key authentication scheme details - properties: - header: - default: internal-key - description: Header is the header name used to pass the - Test Console Key - minLength: 1 - type: string - sendTokenToUpstream: - description: SendTokenToUpstream is to specify whether - the Test Console Key should be sent to the upstream - type: boolean - type: object type: object disabled: description: Disabled is to disable all authentications @@ -417,6 +427,31 @@ spec: type: object nullable: true type: array + jwt: + description: JWT is to specify the JWT authentication scheme + details + properties: + audience: + description: Audience that can invoke a corresponding + API + items: + type: string + type: array + disabled: + default: true + description: Disabled is to disable JWT authentication + type: boolean + header: + default: internal-key + description: Header is the header name used to pass the + JWT + minLength: 1 + type: string + sendTokenToUpstream: + description: SendTokenToUpstream is to specify whether + the JWT should be sent to the upstream + type: boolean + type: object mtls: description: MutualSSL is to specify the features and certificates for mutual SSL @@ -506,21 +541,6 @@ spec: the OAuth2 token should be sent to the upstream type: boolean type: object - testConsoleKey: - description: TestConsoleKey is to specify the Test Console - Key authentication scheme details - properties: - header: - default: internal-key - description: Header is the header name used to pass the - Test Console Key - minLength: 1 - type: string - sendTokenToUpstream: - description: SendTokenToUpstream is to specify whether - the Test Console Key should be sent to the upstream - type: boolean - type: object type: object disabled: description: Disabled is to disable all authentications diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/dto/JWTValidationInfo.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/dto/JWTValidationInfo.java index dc8259a972..ed818a6f2a 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/dto/JWTValidationInfo.java +++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/dto/JWTValidationInfo.java @@ -42,6 +42,7 @@ public class JWTValidationInfo implements Serializable { private String identifier; private JWTClaimsSet jwtClaimsSet; private String token; + private List audience = new ArrayList<>(); public JWTValidationInfo() { @@ -57,6 +58,15 @@ public JWTValidationInfo(JWTValidationInfo jwtValidationInfo) { this.claims = jwtValidationInfo.getClaims(); this.validationCode = jwtValidationInfo.getValidationCode(); this.keyManager = jwtValidationInfo.getKeyManager(); + this.audience = jwtValidationInfo.audience; + } + + public List getAudience() { + return audience; + } + + public void setAudience(List audience) { + this.audience = audience; } public String getToken() { diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/AuthenticationConfig.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/AuthenticationConfig.java index ade16982d5..b0c5ff67f1 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/AuthenticationConfig.java +++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/AuthenticationConfig.java @@ -24,6 +24,7 @@ public class AuthenticationConfig { private JWTAuthenticationConfig jwtAuthenticationConfig; private List apiKeyAuthenticationConfigs; private InternalKeyConfig internalKeyConfig; + private Oauth2AuthenticationConfig oauth2AuthenticationConfig; private boolean Disabled; public JWTAuthenticationConfig getJwtAuthenticationConfig() { @@ -57,4 +58,14 @@ public InternalKeyConfig getInternalKeyConfig() { public void setInternalKeyConfig(InternalKeyConfig internalKeyConfig) { this.internalKeyConfig = internalKeyConfig; } + + public Oauth2AuthenticationConfig getOauth2AuthenticationConfig() { + + return oauth2AuthenticationConfig; + } + + public void setOauth2AuthenticationConfig(Oauth2AuthenticationConfig oauth2AuthenticationConfig) { + + this.oauth2AuthenticationConfig = oauth2AuthenticationConfig; + } } diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/JWTAuthenticationConfig.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/JWTAuthenticationConfig.java index b222e2f6c5..bee4153504 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/JWTAuthenticationConfig.java +++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/JWTAuthenticationConfig.java @@ -18,23 +18,41 @@ package org.wso2.apk.enforcer.commons.model; +import java.util.ArrayList; + public class JWTAuthenticationConfig { + private String Header; private boolean sendTokenToUpstream; + private ArrayList audience; public String getHeader() { + return Header; } public void setHeader(String header) { + Header = header; } public boolean isSendTokenToUpstream() { + return sendTokenToUpstream; } public void setSendTokenToUpstream(boolean sendTokenToUpstream) { + this.sendTokenToUpstream = sendTokenToUpstream; } + + public ArrayList getAudience() { + + return audience; + } + + public void setAudience(ArrayList audience) { + + this.audience = audience; + } } diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/Oauth2AuthenticationConfig.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/Oauth2AuthenticationConfig.java new file mode 100644 index 0000000000..240672eb18 --- /dev/null +++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/Oauth2AuthenticationConfig.java @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.apk.enforcer.commons.model; + +public class Oauth2AuthenticationConfig { + private String Header; + private boolean sendTokenToUpstream; + + public String getHeader() { + return Header; + } + + public void setHeader(String header) { + Header = header; + } + + public boolean isSendTokenToUpstream() { + return sendTokenToUpstream; + } + + public void setSendTokenToUpstream(boolean sendTokenToUpstream) { + this.sendTokenToUpstream = sendTokenToUpstream; + } +} diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/Utils.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/Utils.java index 8c2ee4e76c..b8b879d1cc 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/Utils.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/Utils.java @@ -19,8 +19,8 @@ import org.wso2.apk.enforcer.commons.model.APIKeyAuthenticationConfig; import org.wso2.apk.enforcer.commons.model.AuthenticationConfig; -import org.wso2.apk.enforcer.commons.model.InternalKeyConfig; import org.wso2.apk.enforcer.commons.model.JWTAuthenticationConfig; +import org.wso2.apk.enforcer.commons.model.Oauth2AuthenticationConfig; import org.wso2.apk.enforcer.discovery.api.APIKey; import org.wso2.apk.enforcer.discovery.api.EndpointClusterConfig; import org.wso2.apk.enforcer.discovery.api.Operation; @@ -92,35 +92,50 @@ public static ResourceConfig buildResource(Operation operation, String resPath, AuthenticationConfig authenticationConfig = new AuthenticationConfig(); if (operation.hasApiAuthentication()) { authenticationConfig.setDisabled(operation.getApiAuthentication().getDisabled()); - if (operation.getApiAuthentication().hasJwt()) { - JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); - jwtAuthenticationConfig.setHeader(operation.getApiAuthentication().getJwt().getHeader()); - jwtAuthenticationConfig.setSendTokenToUpstream(operation.getApiAuthentication().getJwt() + if (operation.getApiAuthentication().hasOauth2()) { + Oauth2AuthenticationConfig oAuth2AuthenticationConfig = new Oauth2AuthenticationConfig(); + oAuth2AuthenticationConfig.setHeader(operation.getApiAuthentication().getOauth2().getHeader()); + oAuth2AuthenticationConfig.setSendTokenToUpstream(operation.getApiAuthentication().getOauth2() .getSendTokenToUpstream()); - authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); + authenticationConfig.setOauth2AuthenticationConfig(oAuth2AuthenticationConfig); } - List apiKeyAuthenticationConfigs = new ArrayList<>(); - for (APIKey apiKey : operation.getApiAuthentication().getApikeyList()) { - APIKeyAuthenticationConfig apiKeyAuthenticationConfig = new APIKeyAuthenticationConfig(); - apiKeyAuthenticationConfig.setIn(apiKey.getIn()); - apiKeyAuthenticationConfig.setName(apiKey.getName()); - apiKeyAuthenticationConfig.setSendTokenToUpstream(apiKey.getSendTokenToUpstream()); - apiKeyAuthenticationConfigs.add(apiKeyAuthenticationConfig); + if (operation.getApiAuthentication().hasJwt()) { + JWTAuthenticationConfig jwtAuthenticationConfig = getJwtAuthenticationConfig(operation); + authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); } + List apiKeyAuthenticationConfigs = getApiKeyAuthenticationConfigs(operation); authenticationConfig.setApiKeyAuthenticationConfigs(apiKeyAuthenticationConfigs); - if(operation.getApiAuthentication().hasTestConsoleKey()) { - InternalKeyConfig internalKeyConfig = new InternalKeyConfig(); - internalKeyConfig.setSendTokenToUpstream(operation.getApiAuthentication().getTestConsoleKey() - .getSendTokenToUpstream()); - internalKeyConfig.setHeader(operation.getApiAuthentication().getTestConsoleKey().getHeader()); - authenticationConfig.setInternalKeyConfig(internalKeyConfig); - } } resource.setAuthenticationConfig(authenticationConfig); resource.setScopes(operation.getScopesList().toArray(new String[0])); return resource; } + private static List getApiKeyAuthenticationConfigs(Operation operation) { + List apiKeyAuthenticationConfigs = new ArrayList<>(); + for (APIKey apiKey : operation.getApiAuthentication().getApikeyList()) { + APIKeyAuthenticationConfig apiKeyAuthenticationConfig = new APIKeyAuthenticationConfig(); + apiKeyAuthenticationConfig.setIn(apiKey.getIn()); + apiKeyAuthenticationConfig.setName(apiKey.getName()); + apiKeyAuthenticationConfig.setSendTokenToUpstream(apiKey.getSendTokenToUpstream()); + apiKeyAuthenticationConfigs.add(apiKeyAuthenticationConfig); + } + return apiKeyAuthenticationConfigs; + } + + private static JWTAuthenticationConfig getJwtAuthenticationConfig(Operation operation) { + JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); + jwtAuthenticationConfig.setHeader(operation.getApiAuthentication().getJwt().getHeader()); + jwtAuthenticationConfig.setSendTokenToUpstream(operation.getApiAuthentication().getJwt() + .getSendTokenToUpstream()); + ArrayList audience = new ArrayList<>(); + for (int i = 0; i < operation.getApiAuthentication().getJwt().getAudienceCount(); i++) { + audience.add(operation.getApiAuthentication().getJwt().getAudience(i)); + } + jwtAuthenticationConfig.setAudience(audience); + return jwtAuthenticationConfig; + } + public static PolicyConfig genPolicyConfig(OperationPolicies operationPolicies) { PolicyConfig policyConfig = new PolicyConfig(); if (operationPolicies.getRequestCount() > 0) { diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthentication.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthentication.java index 3c7df3b218..439f65eb75 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthentication.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthentication.java @@ -78,14 +78,14 @@ private APIAuthentication( break; } case 34: { - org.wso2.apk.enforcer.discovery.api.TestConsoleKey.Builder subBuilder = null; - if (testConsoleKey_ != null) { - subBuilder = testConsoleKey_.toBuilder(); + org.wso2.apk.enforcer.discovery.api.Oauth2.Builder subBuilder = null; + if (oauth2_ != null) { + subBuilder = oauth2_.toBuilder(); } - testConsoleKey_ = input.readMessage(org.wso2.apk.enforcer.discovery.api.TestConsoleKey.parser(), extensionRegistry); + oauth2_ = input.readMessage(org.wso2.apk.enforcer.discovery.api.Oauth2.parser(), extensionRegistry); if (subBuilder != null) { - subBuilder.mergeFrom(testConsoleKey_); - testConsoleKey_ = subBuilder.buildPartial(); + subBuilder.mergeFrom(oauth2_); + oauth2_ = subBuilder.buildPartial(); } break; @@ -206,30 +206,30 @@ public org.wso2.apk.enforcer.discovery.api.APIKeyOrBuilder getApikeyOrBuilder( return apikey_.get(index); } - public static final int TESTCONSOLEKEY_FIELD_NUMBER = 4; - private org.wso2.apk.enforcer.discovery.api.TestConsoleKey testConsoleKey_; + public static final int OAUTH2_FIELD_NUMBER = 4; + private org.wso2.apk.enforcer.discovery.api.Oauth2 oauth2_; /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; - * @return Whether the testConsoleKey field is set. + * .wso2.discovery.api.Oauth2 Oauth2 = 4; + * @return Whether the oauth2 field is set. */ @java.lang.Override - public boolean hasTestConsoleKey() { - return testConsoleKey_ != null; + public boolean hasOauth2() { + return oauth2_ != null; } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; - * @return The testConsoleKey. + * .wso2.discovery.api.Oauth2 Oauth2 = 4; + * @return The oauth2. */ @java.lang.Override - public org.wso2.apk.enforcer.discovery.api.TestConsoleKey getTestConsoleKey() { - return testConsoleKey_ == null ? org.wso2.apk.enforcer.discovery.api.TestConsoleKey.getDefaultInstance() : testConsoleKey_; + public org.wso2.apk.enforcer.discovery.api.Oauth2 getOauth2() { + return oauth2_ == null ? org.wso2.apk.enforcer.discovery.api.Oauth2.getDefaultInstance() : oauth2_; } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ @java.lang.Override - public org.wso2.apk.enforcer.discovery.api.TestConsoleKeyOrBuilder getTestConsoleKeyOrBuilder() { - return getTestConsoleKey(); + public org.wso2.apk.enforcer.discovery.api.Oauth2OrBuilder getOauth2OrBuilder() { + return getOauth2(); } private byte memoizedIsInitialized = -1; @@ -255,8 +255,8 @@ public void writeTo(com.google.protobuf.CodedOutputStream output) for (int i = 0; i < apikey_.size(); i++) { output.writeMessage(3, apikey_.get(i)); } - if (testConsoleKey_ != null) { - output.writeMessage(4, getTestConsoleKey()); + if (oauth2_ != null) { + output.writeMessage(4, getOauth2()); } unknownFields.writeTo(output); } @@ -279,9 +279,9 @@ public int getSerializedSize() { size += com.google.protobuf.CodedOutputStream .computeMessageSize(3, apikey_.get(i)); } - if (testConsoleKey_ != null) { + if (oauth2_ != null) { size += com.google.protobuf.CodedOutputStream - .computeMessageSize(4, getTestConsoleKey()); + .computeMessageSize(4, getOauth2()); } size += unknownFields.getSerializedSize(); memoizedSize = size; @@ -307,10 +307,10 @@ public boolean equals(final java.lang.Object obj) { } if (!getApikeyList() .equals(other.getApikeyList())) return false; - if (hasTestConsoleKey() != other.hasTestConsoleKey()) return false; - if (hasTestConsoleKey()) { - if (!getTestConsoleKey() - .equals(other.getTestConsoleKey())) return false; + if (hasOauth2() != other.hasOauth2()) return false; + if (hasOauth2()) { + if (!getOauth2() + .equals(other.getOauth2())) return false; } if (!unknownFields.equals(other.unknownFields)) return false; return true; @@ -334,9 +334,9 @@ public int hashCode() { hash = (37 * hash) + APIKEY_FIELD_NUMBER; hash = (53 * hash) + getApikeyList().hashCode(); } - if (hasTestConsoleKey()) { - hash = (37 * hash) + TESTCONSOLEKEY_FIELD_NUMBER; - hash = (53 * hash) + getTestConsoleKey().hashCode(); + if (hasOauth2()) { + hash = (37 * hash) + OAUTH2_FIELD_NUMBER; + hash = (53 * hash) + getOauth2().hashCode(); } hash = (29 * hash) + unknownFields.hashCode(); memoizedHashCode = hash; @@ -486,11 +486,11 @@ public Builder clear() { } else { apikeyBuilder_.clear(); } - if (testConsoleKeyBuilder_ == null) { - testConsoleKey_ = null; + if (oauth2Builder_ == null) { + oauth2_ = null; } else { - testConsoleKey_ = null; - testConsoleKeyBuilder_ = null; + oauth2_ = null; + oauth2Builder_ = null; } return this; } @@ -534,10 +534,10 @@ public org.wso2.apk.enforcer.discovery.api.APIAuthentication buildPartial() { } else { result.apikey_ = apikeyBuilder_.build(); } - if (testConsoleKeyBuilder_ == null) { - result.testConsoleKey_ = testConsoleKey_; + if (oauth2Builder_ == null) { + result.oauth2_ = oauth2_; } else { - result.testConsoleKey_ = testConsoleKeyBuilder_.build(); + result.oauth2_ = oauth2Builder_.build(); } onBuilt(); return result; @@ -619,8 +619,8 @@ public Builder mergeFrom(org.wso2.apk.enforcer.discovery.api.APIAuthentication o } } } - if (other.hasTestConsoleKey()) { - mergeTestConsoleKey(other.getTestConsoleKey()); + if (other.hasOauth2()) { + mergeOauth2(other.getOauth2()); } this.mergeUnknownFields(other.unknownFields); onChanged(); @@ -1054,123 +1054,123 @@ public org.wso2.apk.enforcer.discovery.api.APIKey.Builder addApikeyBuilder( return apikeyBuilder_; } - private org.wso2.apk.enforcer.discovery.api.TestConsoleKey testConsoleKey_; + private org.wso2.apk.enforcer.discovery.api.Oauth2 oauth2_; private com.google.protobuf.SingleFieldBuilderV3< - org.wso2.apk.enforcer.discovery.api.TestConsoleKey, org.wso2.apk.enforcer.discovery.api.TestConsoleKey.Builder, org.wso2.apk.enforcer.discovery.api.TestConsoleKeyOrBuilder> testConsoleKeyBuilder_; + org.wso2.apk.enforcer.discovery.api.Oauth2, org.wso2.apk.enforcer.discovery.api.Oauth2.Builder, org.wso2.apk.enforcer.discovery.api.Oauth2OrBuilder> oauth2Builder_; /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; - * @return Whether the testConsoleKey field is set. + * .wso2.discovery.api.Oauth2 Oauth2 = 4; + * @return Whether the oauth2 field is set. */ - public boolean hasTestConsoleKey() { - return testConsoleKeyBuilder_ != null || testConsoleKey_ != null; + public boolean hasOauth2() { + return oauth2Builder_ != null || oauth2_ != null; } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; - * @return The testConsoleKey. + * .wso2.discovery.api.Oauth2 Oauth2 = 4; + * @return The oauth2. */ - public org.wso2.apk.enforcer.discovery.api.TestConsoleKey getTestConsoleKey() { - if (testConsoleKeyBuilder_ == null) { - return testConsoleKey_ == null ? org.wso2.apk.enforcer.discovery.api.TestConsoleKey.getDefaultInstance() : testConsoleKey_; + public org.wso2.apk.enforcer.discovery.api.Oauth2 getOauth2() { + if (oauth2Builder_ == null) { + return oauth2_ == null ? org.wso2.apk.enforcer.discovery.api.Oauth2.getDefaultInstance() : oauth2_; } else { - return testConsoleKeyBuilder_.getMessage(); + return oauth2Builder_.getMessage(); } } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ - public Builder setTestConsoleKey(org.wso2.apk.enforcer.discovery.api.TestConsoleKey value) { - if (testConsoleKeyBuilder_ == null) { + public Builder setOauth2(org.wso2.apk.enforcer.discovery.api.Oauth2 value) { + if (oauth2Builder_ == null) { if (value == null) { throw new NullPointerException(); } - testConsoleKey_ = value; + oauth2_ = value; onChanged(); } else { - testConsoleKeyBuilder_.setMessage(value); + oauth2Builder_.setMessage(value); } return this; } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ - public Builder setTestConsoleKey( - org.wso2.apk.enforcer.discovery.api.TestConsoleKey.Builder builderForValue) { - if (testConsoleKeyBuilder_ == null) { - testConsoleKey_ = builderForValue.build(); + public Builder setOauth2( + org.wso2.apk.enforcer.discovery.api.Oauth2.Builder builderForValue) { + if (oauth2Builder_ == null) { + oauth2_ = builderForValue.build(); onChanged(); } else { - testConsoleKeyBuilder_.setMessage(builderForValue.build()); + oauth2Builder_.setMessage(builderForValue.build()); } return this; } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ - public Builder mergeTestConsoleKey(org.wso2.apk.enforcer.discovery.api.TestConsoleKey value) { - if (testConsoleKeyBuilder_ == null) { - if (testConsoleKey_ != null) { - testConsoleKey_ = - org.wso2.apk.enforcer.discovery.api.TestConsoleKey.newBuilder(testConsoleKey_).mergeFrom(value).buildPartial(); + public Builder mergeOauth2(org.wso2.apk.enforcer.discovery.api.Oauth2 value) { + if (oauth2Builder_ == null) { + if (oauth2_ != null) { + oauth2_ = + org.wso2.apk.enforcer.discovery.api.Oauth2.newBuilder(oauth2_).mergeFrom(value).buildPartial(); } else { - testConsoleKey_ = value; + oauth2_ = value; } onChanged(); } else { - testConsoleKeyBuilder_.mergeFrom(value); + oauth2Builder_.mergeFrom(value); } return this; } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ - public Builder clearTestConsoleKey() { - if (testConsoleKeyBuilder_ == null) { - testConsoleKey_ = null; + public Builder clearOauth2() { + if (oauth2Builder_ == null) { + oauth2_ = null; onChanged(); } else { - testConsoleKey_ = null; - testConsoleKeyBuilder_ = null; + oauth2_ = null; + oauth2Builder_ = null; } return this; } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ - public org.wso2.apk.enforcer.discovery.api.TestConsoleKey.Builder getTestConsoleKeyBuilder() { + public org.wso2.apk.enforcer.discovery.api.Oauth2.Builder getOauth2Builder() { onChanged(); - return getTestConsoleKeyFieldBuilder().getBuilder(); + return getOauth2FieldBuilder().getBuilder(); } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ - public org.wso2.apk.enforcer.discovery.api.TestConsoleKeyOrBuilder getTestConsoleKeyOrBuilder() { - if (testConsoleKeyBuilder_ != null) { - return testConsoleKeyBuilder_.getMessageOrBuilder(); + public org.wso2.apk.enforcer.discovery.api.Oauth2OrBuilder getOauth2OrBuilder() { + if (oauth2Builder_ != null) { + return oauth2Builder_.getMessageOrBuilder(); } else { - return testConsoleKey_ == null ? - org.wso2.apk.enforcer.discovery.api.TestConsoleKey.getDefaultInstance() : testConsoleKey_; + return oauth2_ == null ? + org.wso2.apk.enforcer.discovery.api.Oauth2.getDefaultInstance() : oauth2_; } } /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ private com.google.protobuf.SingleFieldBuilderV3< - org.wso2.apk.enforcer.discovery.api.TestConsoleKey, org.wso2.apk.enforcer.discovery.api.TestConsoleKey.Builder, org.wso2.apk.enforcer.discovery.api.TestConsoleKeyOrBuilder> - getTestConsoleKeyFieldBuilder() { - if (testConsoleKeyBuilder_ == null) { - testConsoleKeyBuilder_ = new com.google.protobuf.SingleFieldBuilderV3< - org.wso2.apk.enforcer.discovery.api.TestConsoleKey, org.wso2.apk.enforcer.discovery.api.TestConsoleKey.Builder, org.wso2.apk.enforcer.discovery.api.TestConsoleKeyOrBuilder>( - getTestConsoleKey(), + org.wso2.apk.enforcer.discovery.api.Oauth2, org.wso2.apk.enforcer.discovery.api.Oauth2.Builder, org.wso2.apk.enforcer.discovery.api.Oauth2OrBuilder> + getOauth2FieldBuilder() { + if (oauth2Builder_ == null) { + oauth2Builder_ = new com.google.protobuf.SingleFieldBuilderV3< + org.wso2.apk.enforcer.discovery.api.Oauth2, org.wso2.apk.enforcer.discovery.api.Oauth2.Builder, org.wso2.apk.enforcer.discovery.api.Oauth2OrBuilder>( + getOauth2(), getParentForChildren(), isClean()); - testConsoleKey_ = null; + oauth2_ = null; } - return testConsoleKeyBuilder_; + return oauth2Builder_; } @java.lang.Override public final Builder setUnknownFields( diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthenticationOrBuilder.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthenticationOrBuilder.java index 047efca17d..110ea4c817 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthenticationOrBuilder.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthenticationOrBuilder.java @@ -57,17 +57,17 @@ org.wso2.apk.enforcer.discovery.api.APIKeyOrBuilder getApikeyOrBuilder( int index); /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; - * @return Whether the testConsoleKey field is set. + * .wso2.discovery.api.Oauth2 Oauth2 = 4; + * @return Whether the oauth2 field is set. */ - boolean hasTestConsoleKey(); + boolean hasOauth2(); /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; - * @return The testConsoleKey. + * .wso2.discovery.api.Oauth2 Oauth2 = 4; + * @return The oauth2. */ - org.wso2.apk.enforcer.discovery.api.TestConsoleKey getTestConsoleKey(); + org.wso2.apk.enforcer.discovery.api.Oauth2 getOauth2(); /** - * .wso2.discovery.api.TestConsoleKey testConsoleKey = 4; + * .wso2.discovery.api.Oauth2 Oauth2 = 4; */ - org.wso2.apk.enforcer.discovery.api.TestConsoleKeyOrBuilder getTestConsoleKeyOrBuilder(); + org.wso2.apk.enforcer.discovery.api.Oauth2OrBuilder getOauth2OrBuilder(); } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthenticationProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthenticationProto.java index 29ece1c09c..9c112c460f 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthenticationProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/APIAuthenticationProto.java @@ -25,15 +25,15 @@ public static void registerAllExtensions( com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internal_static_wso2_discovery_api_JWT_fieldAccessorTable; static final com.google.protobuf.Descriptors.Descriptor - internal_static_wso2_discovery_api_APIAuthentication_descriptor; + internal_static_wso2_discovery_api_Oauth2_descriptor; static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable - internal_static_wso2_discovery_api_APIAuthentication_fieldAccessorTable; + internal_static_wso2_discovery_api_Oauth2_fieldAccessorTable; static final com.google.protobuf.Descriptors.Descriptor - internal_static_wso2_discovery_api_TestConsoleKey_descriptor; + internal_static_wso2_discovery_api_APIAuthentication_descriptor; static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable - internal_static_wso2_discovery_api_TestConsoleKey_fieldAccessorTable; + internal_static_wso2_discovery_api_APIAuthentication_fieldAccessorTable; public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() { @@ -46,18 +46,17 @@ public static void registerAllExtensions( "\n+wso2/discovery/api/api_authentication." + "proto\022\022wso2.discovery.api\"?\n\006APIKey\022\014\n\004n" + "ame\030\001 \001(\t\022\n\n\002in\030\002 \001(\t\022\033\n\023sendTokenToUpst" + - "ream\030\003 \001(\010\"2\n\003JWT\022\016\n\006header\030\001 \001(\t\022\033\n\023sen" + - "dTokenToUpstream\030\002 \001(\010\"\263\001\n\021APIAuthentica" + - "tion\022\020\n\010disabled\030\001 \001(\010\022$\n\003jwt\030\002 \001(\0132\027.ws" + - "o2.discovery.api.JWT\022*\n\006apikey\030\003 \003(\0132\032.w" + - "so2.discovery.api.APIKey\022:\n\016testConsoleK" + - "ey\030\004 \001(\0132\".wso2.discovery.api.TestConsol" + - "eKey\"=\n\016TestConsoleKey\022\016\n\006header\030\001 \001(\t\022\033" + - "\n\023sendTokenToUpstream\030\002 \001(\010B~\n#org.wso2." + - "apk.enforcer.discovery.apiB\026APIAuthentic" + - "ationProtoP\001Z=github.com/envoyproxy/go-c" + - "ontrol-plane/wso2/discovery/api;apib\006pro" + - "to3" + "ream\030\003 \001(\010\"D\n\003JWT\022\016\n\006header\030\001 \001(\t\022\033\n\023sen" + + "dTokenToUpstream\030\002 \001(\010\022\020\n\010audience\030\003 \003(\t" + + "\"5\n\006Oauth2\022\016\n\006header\030\001 \001(\t\022\033\n\023sendTokenT" + + "oUpstream\030\002 \001(\010\"\243\001\n\021APIAuthentication\022\020\n" + + "\010disabled\030\001 \001(\010\022$\n\003jwt\030\002 \001(\0132\027.wso2.disc" + + "overy.api.JWT\022*\n\006apikey\030\003 \003(\0132\032.wso2.dis" + + "covery.api.APIKey\022*\n\006Oauth2\030\004 \001(\0132\032.wso2" + + ".discovery.api.Oauth2B~\n#org.wso2.apk.en" + + "forcer.discovery.apiB\026APIAuthenticationP" + + "rotoP\001Z=github.com/envoyproxy/go-control" + + "-plane/wso2/discovery/api;apib\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, @@ -74,19 +73,19 @@ public static void registerAllExtensions( internal_static_wso2_discovery_api_JWT_fieldAccessorTable = new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( internal_static_wso2_discovery_api_JWT_descriptor, + new java.lang.String[] { "Header", "SendTokenToUpstream", "Audience", }); + internal_static_wso2_discovery_api_Oauth2_descriptor = + getDescriptor().getMessageTypes().get(2); + internal_static_wso2_discovery_api_Oauth2_fieldAccessorTable = new + com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( + internal_static_wso2_discovery_api_Oauth2_descriptor, new java.lang.String[] { "Header", "SendTokenToUpstream", }); internal_static_wso2_discovery_api_APIAuthentication_descriptor = - getDescriptor().getMessageTypes().get(2); + getDescriptor().getMessageTypes().get(3); internal_static_wso2_discovery_api_APIAuthentication_fieldAccessorTable = new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( internal_static_wso2_discovery_api_APIAuthentication_descriptor, - new java.lang.String[] { "Disabled", "Jwt", "Apikey", "TestConsoleKey", }); - internal_static_wso2_discovery_api_TestConsoleKey_descriptor = - getDescriptor().getMessageTypes().get(3); - internal_static_wso2_discovery_api_TestConsoleKey_fieldAccessorTable = new - com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( - internal_static_wso2_discovery_api_TestConsoleKey_descriptor, - new java.lang.String[] { "Header", "SendTokenToUpstream", }); + new java.lang.String[] { "Disabled", "Jwt", "Apikey", "Oauth2", }); } // @@protoc_insertion_point(outer_class_scope) diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/JWT.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/JWT.java index e1f5fa2468..fa94ed0631 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/JWT.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/JWT.java @@ -17,6 +17,7 @@ private JWT(com.google.protobuf.GeneratedMessageV3.Builder builder) { } private JWT() { header_ = ""; + audience_ = com.google.protobuf.LazyStringArrayList.EMPTY; } @java.lang.Override @@ -39,6 +40,7 @@ private JWT( if (extensionRegistry == null) { throw new java.lang.NullPointerException(); } + int mutable_bitField0_ = 0; com.google.protobuf.UnknownFieldSet.Builder unknownFields = com.google.protobuf.UnknownFieldSet.newBuilder(); try { @@ -60,6 +62,15 @@ private JWT( sendTokenToUpstream_ = input.readBool(); break; } + case 26: { + java.lang.String s = input.readStringRequireUtf8(); + if (!((mutable_bitField0_ & 0x00000001) != 0)) { + audience_ = new com.google.protobuf.LazyStringArrayList(); + mutable_bitField0_ |= 0x00000001; + } + audience_.add(s); + break; + } default: { if (!parseUnknownField( input, unknownFields, extensionRegistry, tag)) { @@ -75,6 +86,9 @@ private JWT( throw new com.google.protobuf.InvalidProtocolBufferException( e).setUnfinishedMessage(this); } finally { + if (((mutable_bitField0_ & 0x00000001) != 0)) { + audience_ = audience_.getUnmodifiableView(); + } this.unknownFields = unknownFields.build(); makeExtensionsImmutable(); } @@ -153,6 +167,41 @@ public boolean getSendTokenToUpstream() { return sendTokenToUpstream_; } + public static final int AUDIENCE_FIELD_NUMBER = 3; + private com.google.protobuf.LazyStringList audience_; + /** + * repeated string audience = 3; + * @return A list containing the audience. + */ + public com.google.protobuf.ProtocolStringList + getAudienceList() { + return audience_; + } + /** + * repeated string audience = 3; + * @return The count of audience. + */ + public int getAudienceCount() { + return audience_.size(); + } + /** + * repeated string audience = 3; + * @param index The index of the element to return. + * @return The audience at the given index. + */ + public java.lang.String getAudience(int index) { + return audience_.get(index); + } + /** + * repeated string audience = 3; + * @param index The index of the value to return. + * @return The bytes of the audience at the given index. + */ + public com.google.protobuf.ByteString + getAudienceBytes(int index) { + return audience_.getByteString(index); + } + private byte memoizedIsInitialized = -1; @java.lang.Override public final boolean isInitialized() { @@ -173,6 +222,9 @@ public void writeTo(com.google.protobuf.CodedOutputStream output) if (sendTokenToUpstream_ != false) { output.writeBool(2, sendTokenToUpstream_); } + for (int i = 0; i < audience_.size(); i++) { + com.google.protobuf.GeneratedMessageV3.writeString(output, 3, audience_.getRaw(i)); + } unknownFields.writeTo(output); } @@ -189,6 +241,14 @@ public int getSerializedSize() { size += com.google.protobuf.CodedOutputStream .computeBoolSize(2, sendTokenToUpstream_); } + { + int dataSize = 0; + for (int i = 0; i < audience_.size(); i++) { + dataSize += computeStringSizeNoTag(audience_.getRaw(i)); + } + size += dataSize; + size += 1 * getAudienceList().size(); + } size += unknownFields.getSerializedSize(); memoizedSize = size; return size; @@ -208,6 +268,8 @@ public boolean equals(final java.lang.Object obj) { .equals(other.getHeader())) return false; if (getSendTokenToUpstream() != other.getSendTokenToUpstream()) return false; + if (!getAudienceList() + .equals(other.getAudienceList())) return false; if (!unknownFields.equals(other.unknownFields)) return false; return true; } @@ -224,6 +286,10 @@ public int hashCode() { hash = (37 * hash) + SENDTOKENTOUPSTREAM_FIELD_NUMBER; hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean( getSendTokenToUpstream()); + if (getAudienceCount() > 0) { + hash = (37 * hash) + AUDIENCE_FIELD_NUMBER; + hash = (53 * hash) + getAudienceList().hashCode(); + } hash = (29 * hash) + unknownFields.hashCode(); memoizedHashCode = hash; return hash; @@ -361,6 +427,8 @@ public Builder clear() { sendTokenToUpstream_ = false; + audience_ = com.google.protobuf.LazyStringArrayList.EMPTY; + bitField0_ = (bitField0_ & ~0x00000001); return this; } @@ -387,8 +455,14 @@ public org.wso2.apk.enforcer.discovery.api.JWT build() { @java.lang.Override public org.wso2.apk.enforcer.discovery.api.JWT buildPartial() { org.wso2.apk.enforcer.discovery.api.JWT result = new org.wso2.apk.enforcer.discovery.api.JWT(this); + int from_bitField0_ = bitField0_; result.header_ = header_; result.sendTokenToUpstream_ = sendTokenToUpstream_; + if (((bitField0_ & 0x00000001) != 0)) { + audience_ = audience_.getUnmodifiableView(); + bitField0_ = (bitField0_ & ~0x00000001); + } + result.audience_ = audience_; onBuilt(); return result; } @@ -444,6 +518,16 @@ public Builder mergeFrom(org.wso2.apk.enforcer.discovery.api.JWT other) { if (other.getSendTokenToUpstream() != false) { setSendTokenToUpstream(other.getSendTokenToUpstream()); } + if (!other.audience_.isEmpty()) { + if (audience_.isEmpty()) { + audience_ = other.audience_; + bitField0_ = (bitField0_ & ~0x00000001); + } else { + ensureAudienceIsMutable(); + audience_.addAll(other.audience_); + } + onChanged(); + } this.mergeUnknownFields(other.unknownFields); onChanged(); return this; @@ -472,6 +556,7 @@ public Builder mergeFrom( } return this; } + private int bitField0_; private java.lang.Object header_ = ""; /** @@ -611,6 +696,116 @@ public Builder clearSendTokenToUpstream() { onChanged(); return this; } + + private com.google.protobuf.LazyStringList audience_ = com.google.protobuf.LazyStringArrayList.EMPTY; + private void ensureAudienceIsMutable() { + if (!((bitField0_ & 0x00000001) != 0)) { + audience_ = new com.google.protobuf.LazyStringArrayList(audience_); + bitField0_ |= 0x00000001; + } + } + /** + * repeated string audience = 3; + * @return A list containing the audience. + */ + public com.google.protobuf.ProtocolStringList + getAudienceList() { + return audience_.getUnmodifiableView(); + } + /** + * repeated string audience = 3; + * @return The count of audience. + */ + public int getAudienceCount() { + return audience_.size(); + } + /** + * repeated string audience = 3; + * @param index The index of the element to return. + * @return The audience at the given index. + */ + public java.lang.String getAudience(int index) { + return audience_.get(index); + } + /** + * repeated string audience = 3; + * @param index The index of the value to return. + * @return The bytes of the audience at the given index. + */ + public com.google.protobuf.ByteString + getAudienceBytes(int index) { + return audience_.getByteString(index); + } + /** + * repeated string audience = 3; + * @param index The index to set the value at. + * @param value The audience to set. + * @return This builder for chaining. + */ + public Builder setAudience( + int index, java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + ensureAudienceIsMutable(); + audience_.set(index, value); + onChanged(); + return this; + } + /** + * repeated string audience = 3; + * @param value The audience to add. + * @return This builder for chaining. + */ + public Builder addAudience( + java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + ensureAudienceIsMutable(); + audience_.add(value); + onChanged(); + return this; + } + /** + * repeated string audience = 3; + * @param values The audience to add. + * @return This builder for chaining. + */ + public Builder addAllAudience( + java.lang.Iterable values) { + ensureAudienceIsMutable(); + com.google.protobuf.AbstractMessageLite.Builder.addAll( + values, audience_); + onChanged(); + return this; + } + /** + * repeated string audience = 3; + * @return This builder for chaining. + */ + public Builder clearAudience() { + audience_ = com.google.protobuf.LazyStringArrayList.EMPTY; + bitField0_ = (bitField0_ & ~0x00000001); + onChanged(); + return this; + } + /** + * repeated string audience = 3; + * @param value The bytes of the audience to add. + * @return This builder for chaining. + */ + public Builder addAudienceBytes( + com.google.protobuf.ByteString value) { + if (value == null) { + throw new NullPointerException(); + } + checkByteStringIsUtf8(value); + ensureAudienceIsMutable(); + audience_.add(value); + onChanged(); + return this; + } @java.lang.Override public final Builder setUnknownFields( final com.google.protobuf.UnknownFieldSet unknownFields) { diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/JWTOrBuilder.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/JWTOrBuilder.java index 3b1eee4ba2..0b1220acc4 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/JWTOrBuilder.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/JWTOrBuilder.java @@ -36,4 +36,29 @@ public interface JWTOrBuilder extends * @return The sendTokenToUpstream. */ boolean getSendTokenToUpstream(); + + /** + * repeated string audience = 3; + * @return A list containing the audience. + */ + java.util.List + getAudienceList(); + /** + * repeated string audience = 3; + * @return The count of audience. + */ + int getAudienceCount(); + /** + * repeated string audience = 3; + * @param index The index of the element to return. + * @return The audience at the given index. + */ + java.lang.String getAudience(int index); + /** + * repeated string audience = 3; + * @param index The index of the value to return. + * @return The bytes of the audience at the given index. + */ + com.google.protobuf.ByteString + getAudienceBytes(int index); } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/TestConsoleKey.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Oauth2.java similarity index 78% rename from gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/TestConsoleKey.java rename to gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Oauth2.java index 987c16fb56..e90bb74143 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/TestConsoleKey.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Oauth2.java @@ -4,18 +4,18 @@ package org.wso2.apk.enforcer.discovery.api; /** - * Protobuf type {@code wso2.discovery.api.TestConsoleKey} + * Protobuf type {@code wso2.discovery.api.Oauth2} */ -public final class TestConsoleKey extends +public final class Oauth2 extends com.google.protobuf.GeneratedMessageV3 implements - // @@protoc_insertion_point(message_implements:wso2.discovery.api.TestConsoleKey) - TestConsoleKeyOrBuilder { + // @@protoc_insertion_point(message_implements:wso2.discovery.api.Oauth2) + Oauth2OrBuilder { private static final long serialVersionUID = 0L; - // Use TestConsoleKey.newBuilder() to construct. - private TestConsoleKey(com.google.protobuf.GeneratedMessageV3.Builder builder) { + // Use Oauth2.newBuilder() to construct. + private Oauth2(com.google.protobuf.GeneratedMessageV3.Builder builder) { super(builder); } - private TestConsoleKey() { + private Oauth2() { header_ = ""; } @@ -23,7 +23,7 @@ private TestConsoleKey() { @SuppressWarnings({"unused"}) protected java.lang.Object newInstance( UnusedPrivateParameter unused) { - return new TestConsoleKey(); + return new Oauth2(); } @java.lang.Override @@ -31,7 +31,7 @@ protected java.lang.Object newInstance( getUnknownFields() { return this.unknownFields; } - private TestConsoleKey( + private Oauth2( com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException { @@ -81,22 +81,22 @@ private TestConsoleKey( } public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { - return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_TestConsoleKey_descriptor; + return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_Oauth2_descriptor; } @java.lang.Override protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable() { - return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_TestConsoleKey_fieldAccessorTable + return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_Oauth2_fieldAccessorTable .ensureFieldAccessorsInitialized( - org.wso2.apk.enforcer.discovery.api.TestConsoleKey.class, org.wso2.apk.enforcer.discovery.api.TestConsoleKey.Builder.class); + org.wso2.apk.enforcer.discovery.api.Oauth2.class, org.wso2.apk.enforcer.discovery.api.Oauth2.Builder.class); } public static final int HEADER_FIELD_NUMBER = 1; private volatile java.lang.Object header_; /** * 
-   * name of the header containing the test key
+   * name of the header containing the JWT
    *
* * string header = 1; @@ -117,7 +117,7 @@ public java.lang.String getHeader() { } /** * 
-   * name of the header containing the test key
+   * name of the header containing the JWT
    *
* * string header = 1; @@ -199,10 +199,10 @@ public boolean equals(final java.lang.Object obj) { if (obj == this) { return true; } - if (!(obj instanceof org.wso2.apk.enforcer.discovery.api.TestConsoleKey)) { + if (!(obj instanceof org.wso2.apk.enforcer.discovery.api.Oauth2)) { return super.equals(obj); } - org.wso2.apk.enforcer.discovery.api.TestConsoleKey other = (org.wso2.apk.enforcer.discovery.api.TestConsoleKey) obj; + org.wso2.apk.enforcer.discovery.api.Oauth2 other = (org.wso2.apk.enforcer.discovery.api.Oauth2) obj; if (!getHeader() .equals(other.getHeader())) return false; @@ -229,69 +229,69 @@ public int hashCode() { return hash; } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom( java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException { return PARSER.parseFrom(data); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom( java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException { return PARSER.parseFrom(data, extensionRegistry); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom( com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException { return PARSER.parseFrom(data); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom( com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException { return PARSER.parseFrom(data, extensionRegistry); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom(byte[] data) + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException { return PARSER.parseFrom(data); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom( byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException { return PARSER.parseFrom(data, extensionRegistry); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom(java.io.InputStream input) + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom(java.io.InputStream input) throws java.io.IOException { return com.google.protobuf.GeneratedMessageV3 .parseWithIOException(PARSER, input); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom( java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws java.io.IOException { return com.google.protobuf.GeneratedMessageV3 .parseWithIOException(PARSER, input, extensionRegistry); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseDelimitedFrom(java.io.InputStream input) + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException { return com.google.protobuf.GeneratedMessageV3 .parseDelimitedWithIOException(PARSER, input); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseDelimitedFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseDelimitedFrom( java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws java.io.IOException { return com.google.protobuf.GeneratedMessageV3 .parseDelimitedWithIOException(PARSER, input, extensionRegistry); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom( com.google.protobuf.CodedInputStream input) throws java.io.IOException { return com.google.protobuf.GeneratedMessageV3 .parseWithIOException(PARSER, input); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( + public static org.wso2.apk.enforcer.discovery.api.Oauth2 parseFrom( com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws java.io.IOException { @@ -304,7 +304,7 @@ public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey parseFrom( public static Builder newBuilder() { return DEFAULT_INSTANCE.toBuilder(); } - public static Builder newBuilder(org.wso2.apk.enforcer.discovery.api.TestConsoleKey prototype) { + public static Builder newBuilder(org.wso2.apk.enforcer.discovery.api.Oauth2 prototype) { return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype); } @java.lang.Override @@ -320,26 +320,26 @@ protected Builder newBuilderForType( return builder; } /** - * Protobuf type {@code wso2.discovery.api.TestConsoleKey} + * Protobuf type {@code wso2.discovery.api.Oauth2} */ public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder implements - // @@protoc_insertion_point(builder_implements:wso2.discovery.api.TestConsoleKey) - org.wso2.apk.enforcer.discovery.api.TestConsoleKeyOrBuilder { + // @@protoc_insertion_point(builder_implements:wso2.discovery.api.Oauth2) + org.wso2.apk.enforcer.discovery.api.Oauth2OrBuilder { public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { - return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_TestConsoleKey_descriptor; + return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_Oauth2_descriptor; } @java.lang.Override protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable() { - return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_TestConsoleKey_fieldAccessorTable + return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_Oauth2_fieldAccessorTable .ensureFieldAccessorsInitialized( - org.wso2.apk.enforcer.discovery.api.TestConsoleKey.class, org.wso2.apk.enforcer.discovery.api.TestConsoleKey.Builder.class); + org.wso2.apk.enforcer.discovery.api.Oauth2.class, org.wso2.apk.enforcer.discovery.api.Oauth2.Builder.class); } - // Construct using org.wso2.apk.enforcer.discovery.api.TestConsoleKey.newBuilder() + // Construct using org.wso2.apk.enforcer.discovery.api.Oauth2.newBuilder() private Builder() { maybeForceBuilderInitialization(); } @@ -367,17 +367,17 @@ public Builder clear() { @java.lang.Override public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() { - return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_TestConsoleKey_descriptor; + return org.wso2.apk.enforcer.discovery.api.APIAuthenticationProto.internal_static_wso2_discovery_api_Oauth2_descriptor; } @java.lang.Override - public org.wso2.apk.enforcer.discovery.api.TestConsoleKey getDefaultInstanceForType() { - return org.wso2.apk.enforcer.discovery.api.TestConsoleKey.getDefaultInstance(); + public org.wso2.apk.enforcer.discovery.api.Oauth2 getDefaultInstanceForType() { + return org.wso2.apk.enforcer.discovery.api.Oauth2.getDefaultInstance(); } @java.lang.Override - public org.wso2.apk.enforcer.discovery.api.TestConsoleKey build() { - org.wso2.apk.enforcer.discovery.api.TestConsoleKey result = buildPartial(); + public org.wso2.apk.enforcer.discovery.api.Oauth2 build() { + org.wso2.apk.enforcer.discovery.api.Oauth2 result = buildPartial(); if (!result.isInitialized()) { throw newUninitializedMessageException(result); } @@ -385,8 +385,8 @@ public org.wso2.apk.enforcer.discovery.api.TestConsoleKey build() { } @java.lang.Override - public org.wso2.apk.enforcer.discovery.api.TestConsoleKey buildPartial() { - org.wso2.apk.enforcer.discovery.api.TestConsoleKey result = new org.wso2.apk.enforcer.discovery.api.TestConsoleKey(this); + public org.wso2.apk.enforcer.discovery.api.Oauth2 buildPartial() { + org.wso2.apk.enforcer.discovery.api.Oauth2 result = new org.wso2.apk.enforcer.discovery.api.Oauth2(this); result.header_ = header_; result.sendTokenToUpstream_ = sendTokenToUpstream_; onBuilt(); @@ -427,16 +427,16 @@ public Builder addRepeatedField( } @java.lang.Override public Builder mergeFrom(com.google.protobuf.Message other) { - if (other instanceof org.wso2.apk.enforcer.discovery.api.TestConsoleKey) { - return mergeFrom((org.wso2.apk.enforcer.discovery.api.TestConsoleKey)other); + if (other instanceof org.wso2.apk.enforcer.discovery.api.Oauth2) { + return mergeFrom((org.wso2.apk.enforcer.discovery.api.Oauth2)other); } else { super.mergeFrom(other); return this; } } - public Builder mergeFrom(org.wso2.apk.enforcer.discovery.api.TestConsoleKey other) { - if (other == org.wso2.apk.enforcer.discovery.api.TestConsoleKey.getDefaultInstance()) return this; + public Builder mergeFrom(org.wso2.apk.enforcer.discovery.api.Oauth2 other) { + if (other == org.wso2.apk.enforcer.discovery.api.Oauth2.getDefaultInstance()) return this; if (!other.getHeader().isEmpty()) { header_ = other.header_; onChanged(); @@ -459,11 +459,11 @@ public Builder mergeFrom( com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws java.io.IOException { - org.wso2.apk.enforcer.discovery.api.TestConsoleKey parsedMessage = null; + org.wso2.apk.enforcer.discovery.api.Oauth2 parsedMessage = null; try { parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry); } catch (com.google.protobuf.InvalidProtocolBufferException e) { - parsedMessage = (org.wso2.apk.enforcer.discovery.api.TestConsoleKey) e.getUnfinishedMessage(); + parsedMessage = (org.wso2.apk.enforcer.discovery.api.Oauth2) e.getUnfinishedMessage(); throw e.unwrapIOException(); } finally { if (parsedMessage != null) { @@ -476,7 +476,7 @@ public Builder mergeFrom( private java.lang.Object header_ = ""; /** * 
-     * name of the header containing the test key
+     * name of the header containing the JWT
      *
* * string header = 1; @@ -496,7 +496,7 @@ public java.lang.String getHeader() { } /** * 
-     * name of the header containing the test key
+     * name of the header containing the JWT
      *
* * string header = 1; @@ -517,7 +517,7 @@ public java.lang.String getHeader() { } /** * 
-     * name of the header containing the test key
+     * name of the header containing the JWT
      *
* * string header = 1; @@ -536,7 +536,7 @@ public Builder setHeader( } /** * 
-     * name of the header containing the test key
+     * name of the header containing the JWT
      *
* * string header = 1; @@ -550,7 +550,7 @@ public Builder clearHeader() { } /** * 
-     * name of the header containing the test key
+     * name of the header containing the JWT
      *
* * string header = 1; @@ -624,41 +624,41 @@ public final Builder mergeUnknownFields( } - // @@protoc_insertion_point(builder_scope:wso2.discovery.api.TestConsoleKey) + // @@protoc_insertion_point(builder_scope:wso2.discovery.api.Oauth2) } - // @@protoc_insertion_point(class_scope:wso2.discovery.api.TestConsoleKey) - private static final org.wso2.apk.enforcer.discovery.api.TestConsoleKey DEFAULT_INSTANCE; + // @@protoc_insertion_point(class_scope:wso2.discovery.api.Oauth2) + private static final org.wso2.apk.enforcer.discovery.api.Oauth2 DEFAULT_INSTANCE; static { - DEFAULT_INSTANCE = new org.wso2.apk.enforcer.discovery.api.TestConsoleKey(); + DEFAULT_INSTANCE = new org.wso2.apk.enforcer.discovery.api.Oauth2(); } - public static org.wso2.apk.enforcer.discovery.api.TestConsoleKey getDefaultInstance() { + public static org.wso2.apk.enforcer.discovery.api.Oauth2 getDefaultInstance() { return DEFAULT_INSTANCE; } - private static final com.google.protobuf.Parser - PARSER = new com.google.protobuf.AbstractParser() { + private static final com.google.protobuf.Parser + PARSER = new com.google.protobuf.AbstractParser() { @java.lang.Override - public TestConsoleKey parsePartialFrom( + public Oauth2 parsePartialFrom( com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException { - return new TestConsoleKey(input, extensionRegistry); + return new Oauth2(input, extensionRegistry); } }; - public static com.google.protobuf.Parser parser() { + public static com.google.protobuf.Parser parser() { return PARSER; } @java.lang.Override - public com.google.protobuf.Parser getParserForType() { + public com.google.protobuf.Parser getParserForType() { return PARSER; } @java.lang.Override - public org.wso2.apk.enforcer.discovery.api.TestConsoleKey getDefaultInstanceForType() { + public org.wso2.apk.enforcer.discovery.api.Oauth2 getDefaultInstanceForType() { return DEFAULT_INSTANCE; } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Oauth2OrBuilder.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Oauth2OrBuilder.java new file mode 100644 index 0000000000..1c8bd7ce7b --- /dev/null +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Oauth2OrBuilder.java @@ -0,0 +1,39 @@ +// Generated by the protocol buffer compiler. DO NOT EDIT! +// source: wso2/discovery/api/api_authentication.proto + +package org.wso2.apk.enforcer.discovery.api; + +public interface Oauth2OrBuilder extends + // @@protoc_insertion_point(interface_extends:wso2.discovery.api.Oauth2) + com.google.protobuf.MessageOrBuilder { + + /** + * 
+   * name of the header containing the JWT
+   *
+ * + * string header = 1; + * @return The header. + */ + java.lang.String getHeader(); + /** + * 
+   * name of the header containing the JWT
+   *
+ * + * string header = 1; + * @return The bytes for header. + */ + com.google.protobuf.ByteString + getHeaderBytes(); + + /** + * 
+   * send the token to upstream
+   *
+ * + * bool sendTokenToUpstream = 2; + * @return The sendTokenToUpstream. + */ + boolean getSendTokenToUpstream(); +} diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/service/apkmgt/EventServiceProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/service/apkmgt/EventServiceProto.java index 8125f757ac..2ebf3bdcc7 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/service/apkmgt/EventServiceProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/service/apkmgt/EventServiceProto.java @@ -34,11 +34,11 @@ public static void registerAllExtensions( "est\022\r\n\005event\030\001 \001(\t2o\n\022EventStreamService" + "\022Y\n\014StreamEvents\022!.discovery.service.apk" + "mgt.Request\032\".wso2.discovery.subscriptio" + - "n.Event\"\0000\001B\234\001\n.org.wso2.apk.enforcer.di" + + "n.Event\"\0000\001B\225\001\n.org.wso2.apk.enforcer.di" + "scovery.service.apkmgtB\021EventServiceProt" + - "oP\001ZRgithub.com/wso2/apk/common-go-libs/" + - "pkg/discovery/api/wso2/discovery/service" + - "/apkmgt\210\001\001b\006proto3" + "oP\001ZKgithub.com/wso2/apk/adapter/pkg/dis" + + "covery/api/wso2/discovery/service/apkmgt" + + "\210\001\001b\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationKeyMappingProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationKeyMappingProto.java index 3091c2736f..db027867bd 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationKeyMappingProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationKeyMappingProto.java @@ -34,11 +34,11 @@ public static void registerAllExtensions( "plicationUUID\030\001 \001(\t\022\026\n\016securityScheme\030\002 " + "\001(\t\022\035\n\025applicationIdentifier\030\003 \001(\t\022\017\n\007ke" + "yType\030\004 \001(\t\022\r\n\005envID\030\005 \001(\t\022\021\n\ttimestamp\030" + - "\006 \001(\003\022\024\n\014organization\030\007 \001(\tB\236\001\n,org.wso2" + + "\006 \001(\003\022\024\n\014organization\030\007 \001(\tB\227\001\n,org.wso2" + ".apk.enforcer.discovery.subscriptionB\032Ap" + - "plicationKeyMappingProtoP\001ZPgithub.com/w" + - "so2/apk/common-go-libs/pkg/discovery/api" + - "/wso2/discovery/subscriptionb\006proto3" + "plicationKeyMappingProtoP\001ZIgithub.com/w" + + "so2/apk/adapter/pkg/discovery/api/wso2/d" + + "iscovery/subscriptionb\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationMappingProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationMappingProto.java index 6162841889..db924973b6 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationMappingProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationMappingProto.java @@ -32,11 +32,11 @@ public static void registerAllExtensions( "nmapping.proto\022\033wso2.discovery.subscript" + "ion\"i\n\022ApplicationMapping\022\014\n\004uuid\030\001 \001(\t\022" + "\026\n\016applicationRef\030\002 \001(\t\022\027\n\017subscriptionR" + - "ef\030\003 \001(\t\022\024\n\014organization\030\004 \001(\tB\233\001\n,org.w" + + "ef\030\003 \001(\t\022\024\n\014organization\030\004 \001(\tB\224\001\n,org.w" + "so2.apk.enforcer.discovery.subscriptionB" + - "\027ApplicationMappingProtoP\001ZPgithub.com/w" + - "so2/apk/common-go-libs/pkg/discovery/api" + - "/wso2/discovery/subscriptionb\006proto3" + "\027ApplicationMappingProtoP\001ZIgithub.com/w" + + "so2/apk/adapter/pkg/discovery/api/wso2/d" + + "iscovery/subscriptionb\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationProto.java index bfcf136f55..49d0be32a4 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/ApplicationProto.java @@ -40,11 +40,10 @@ public static void registerAllExtensions( "\nattributes\030\005 \003(\01328.wso2.discovery.subsc" + "ription.Application.AttributesEntry\0321\n\017A" + "ttributesEntry\022\013\n\003key\030\001 \001(\t\022\r\n\005value\030\002 \001" + - "(\t:\0028\001B\224\001\n,org.wso2.apk.enforcer.discove" + - "ry.subscriptionB\020ApplicationProtoP\001ZPgit" + - "hub.com/wso2/apk/common-go-libs/pkg/disc" + - "overy/api/wso2/discovery/subscriptionb\006p" + - "roto3" + "(\t:\0028\001B\215\001\n,org.wso2.apk.enforcer.discove" + + "ry.subscriptionB\020ApplicationProtoP\001ZIgit" + + "hub.com/wso2/apk/adapter/pkg/discovery/a" + + "pi/wso2/discovery/subscriptionb\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/EventProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/EventProto.java index ddf36b01e0..7c794cb2ec 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/EventProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/EventProto.java @@ -43,11 +43,11 @@ public static void registerAllExtensions( "pplicationKeyMapping\030\006 \001(\01322.wso2.discov" + "ery.subscription.ApplicationKeyMapping\022?" + "\n\014subscription\030\007 \001(\0132).wso2.discovery.su" + - "bscription.SubscriptionB\216\001\n,org.wso2.apk" + + "bscription.SubscriptionB\207\001\n,org.wso2.apk" + ".enforcer.discovery.subscriptionB\nEventP" + - "rotoP\001ZPgithub.com/wso2/apk/common-go-li" + - "bs/pkg/discovery/api/wso2/discovery/subs" + - "criptionb\006proto3" + "rotoP\001ZIgithub.com/wso2/apk/adapter/pkg/" + + "discovery/api/wso2/discovery/subscriptio" + + "nb\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/SubscriptionProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/SubscriptionProto.java index 14e8baa70e..d8fe93be36 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/SubscriptionProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/SubscriptionProto.java @@ -39,11 +39,11 @@ public static void registerAllExtensions( "d\030\002 \001(\t\022\024\n\014organization\030\003 \001(\t\022A\n\rsubscri" + "bedApi\030\004 \001(\0132*.wso2.discovery.subscripti" + "on.SubscribedAPI\".\n\rSubscribedAPI\022\014\n\004nam" + - "e\030\001 \001(\t\022\017\n\007version\030\002 \001(\tB\225\001\n,org.wso2.ap" + + "e\030\001 \001(\t\022\017\n\007version\030\002 \001(\tB\216\001\n,org.wso2.ap" + "k.enforcer.discovery.subscriptionB\021Subsc" + - "riptionProtoP\001ZPgithub.com/wso2/apk/comm" + - "on-go-libs/pkg/discovery/api/wso2/discov" + - "ery/subscriptionb\006proto3" + "riptionProtoP\001ZIgithub.com/wso2/apk/adap" + + "ter/pkg/discovery/api/wso2/discovery/sub" + + "scriptionb\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/AuthFilter.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/AuthFilter.java index 4771be0093..dcfa4dbf13 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/AuthFilter.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/AuthFilter.java @@ -32,8 +32,8 @@ import org.wso2.apk.enforcer.constants.APIConstants; import org.wso2.apk.enforcer.constants.InterceptorConstants; import org.wso2.apk.enforcer.security.jwt.APIKeyAuthenticator; -import org.wso2.apk.enforcer.security.jwt.InternalAPIKeyAuthenticator; import org.wso2.apk.enforcer.security.jwt.JWTAuthenticator; +import org.wso2.apk.enforcer.security.jwt.Oauth2Authenticator; import org.wso2.apk.enforcer.security.jwt.UnsecuredAPIAuthenticator; import org.wso2.apk.enforcer.security.mtls.MTLSAuthenticator; import org.wso2.apk.enforcer.util.FilterUtils; @@ -91,13 +91,13 @@ private void initializeAuthenticators(APIConfig apiConfig) { boolean isGatewayTokenCacheEnabled = enforcerConfig.getCacheDto().isEnabled(); JWTConfigurationDto jwtConfigurationDto = apiConfig.getJwtConfigurationDto(); - Authenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, isGatewayTokenCacheEnabled); - authenticators.add(jwtAuthenticator); + Authenticator oauthAuthenticator = new Oauth2Authenticator(jwtConfigurationDto, isGatewayTokenCacheEnabled); + authenticators.add(oauthAuthenticator); APIKeyAuthenticator apiKeyAuthenticator = new APIKeyAuthenticator(jwtConfigurationDto); authenticators.add(apiKeyAuthenticator); - Authenticator authenticator = new InternalAPIKeyAuthenticator(jwtConfigurationDto); - authenticators.add(authenticator); + Authenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, isGatewayTokenCacheEnabled); + authenticators.add(jwtAuthenticator); Authenticator unsecuredAPIAuthenticator = new UnsecuredAPIAuthenticator(); authenticators.add(unsecuredAPIAuthenticator); @@ -263,17 +263,18 @@ private void setInterceptorAPIMetadata(RequestContext requestContext) { private void populateRemoveAndProtectedAuthHeaders(RequestContext requestContext) { requestContext.getMatchedResourcePaths().forEach(resourcePath -> { + Oauth2AuthenticationConfig oauth2AuthenticationConfig = resourcePath.getAuthenticationConfig() + .getOauth2AuthenticationConfig(); JWTAuthenticationConfig jwtAuthenticationConfig = resourcePath.getAuthenticationConfig() .getJwtAuthenticationConfig(); - InternalKeyConfig internalKeyConfig = resourcePath.getAuthenticationConfig().getInternalKeyConfig(); List apiKeyAuthenticationConfig = resourcePath.getAuthenticationConfig() .getApiKeyAuthenticationConfigs(); + if (oauth2AuthenticationConfig != null && !oauth2AuthenticationConfig.isSendTokenToUpstream()) { + requestContext.getRemoveHeaders().add(oauth2AuthenticationConfig.getHeader()); + } if (jwtAuthenticationConfig != null && !jwtAuthenticationConfig.isSendTokenToUpstream()) { requestContext.getRemoveHeaders().add(jwtAuthenticationConfig.getHeader()); } - if (internalKeyConfig != null && !internalKeyConfig.isSendTokenToUpstream()) { - requestContext.getRemoveHeaders().add(internalKeyConfig.getHeader()); - } if (apiKeyAuthenticationConfig != null && !apiKeyAuthenticationConfig.isEmpty()) { requestContext.getQueryParamsToRemove().addAll(apiKeyAuthenticationConfig.stream() .filter(apiKeyAuthenticationConfig1 -> !apiKeyAuthenticationConfig1.isSendTokenToUpstream() diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/InternalAPIKeyAuthenticator.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/InternalAPIKeyAuthenticator.java deleted file mode 100644 index 54fa21740f..0000000000 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/InternalAPIKeyAuthenticator.java +++ /dev/null @@ -1,312 +0,0 @@ -/* - * Copyright (c) 2021, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.wso2.apk.enforcer.security.jwt; - -import com.nimbusds.jwt.JWTClaimsSet; -import com.nimbusds.jwt.SignedJWT; -import io.opentelemetry.context.Scope; -import net.minidev.json.JSONObject; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.apache.logging.log4j.ThreadContext; -import org.wso2.apk.enforcer.common.CacheProviderUtil; -import org.wso2.apk.enforcer.commons.dto.JWTConfigurationDto; -import org.wso2.apk.enforcer.commons.dto.JWTInfoDto; -import org.wso2.apk.enforcer.commons.dto.JWTValidationInfo; -import org.wso2.apk.enforcer.commons.exception.APISecurityException; -import org.wso2.apk.enforcer.commons.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator; -import org.wso2.apk.enforcer.commons.logging.ErrorDetails; -import org.wso2.apk.enforcer.commons.logging.LoggingConstants; -import org.wso2.apk.enforcer.commons.model.AuthenticationContext; -import org.wso2.apk.enforcer.commons.model.InternalKeyConfig; -import org.wso2.apk.enforcer.commons.model.RequestContext; -import org.wso2.apk.enforcer.config.ConfigHolder; -import org.wso2.apk.enforcer.config.EnforcerConfig; -import org.wso2.apk.enforcer.config.dto.APIKeyIssuerDto; -import org.wso2.apk.enforcer.constants.APIConstants; -import org.wso2.apk.enforcer.constants.APISecurityConstants; -import org.wso2.apk.enforcer.dto.APIKeyValidationInfoDTO; -import org.wso2.apk.enforcer.dto.JWTTokenPayloadInfo; -import org.wso2.apk.enforcer.tracing.TracingConstants; -import org.wso2.apk.enforcer.tracing.TracingSpan; -import org.wso2.apk.enforcer.tracing.TracingTracer; -import org.wso2.apk.enforcer.tracing.Utils; -import org.wso2.apk.enforcer.util.BackendJwtUtils; -import org.wso2.apk.enforcer.util.FilterUtils; - -import java.text.ParseException; - -/** - * Implements the authenticator interface to authenticate request using an Internal Key. - */ -public class InternalAPIKeyAuthenticator extends APIKeyHandler { - - private static final Logger log = LogManager.getLogger(InternalAPIKeyAuthenticator.class); - - private AbstractAPIMgtGatewayJWTGenerator jwtGenerator; - private final boolean isGatewayTokenCacheEnabled; - - public InternalAPIKeyAuthenticator(final JWTConfigurationDto jwtConfigurationDto) { - - EnforcerConfig enforcerConfig = ConfigHolder.getInstance().getConfig(); - this.isGatewayTokenCacheEnabled = enforcerConfig.getCacheDto().isEnabled(); - if (jwtConfigurationDto.isEnabled()) { - this.jwtGenerator = BackendJwtUtils.getApiMgtGatewayJWTGenerator(jwtConfigurationDto); - } - } - - @Override - public boolean canAuthenticate(RequestContext requestContext) { - - InternalKeyConfig internalKeyConfig = requestContext.getMatchedResourcePaths().get(0) - .getAuthenticationConfig().getInternalKeyConfig(); - if (internalKeyConfig != null) { - String internalKey = requestContext.getHeaders().get(internalKeyConfig.getHeader()); - return isAPIKey(internalKey); - } - return false; - } - - @Override - public AuthenticationContext authenticate(RequestContext requestContext) throws APISecurityException { - - TracingTracer tracer = null; - TracingSpan apiKeyAuthenticatorSpan = null; - Scope apiKeyAuthenticatorSpanScope = null; - TracingSpan apiKeyValidateSubscriptionSpan = null; - TracingSpan verifyTokenInCacheSpan = null; - TracingSpan verifyTokenWithoutCacheSpan = null; - - if (requestContext.getMatchedAPI() != null) { - log.debug("Internal Key Authentication initialized"); - - try { - if (Utils.tracingEnabled()) { - tracer = Utils.getGlobalTracer(); - apiKeyAuthenticatorSpan = Utils.startSpan(TracingConstants.API_KEY_AUTHENTICATOR_SPAN, tracer); - apiKeyAuthenticatorSpanScope = apiKeyAuthenticatorSpan.getSpan().makeCurrent(); - Utils.setTag(apiKeyAuthenticatorSpan, APIConstants.LOG_TRACE_ID, - ThreadContext.get(APIConstants.LOG_TRACE_ID)); - } - // Extract internal from the request while removing it from the msg context. - String internalKey = requestContext.getHeaders().get(requestContext.getMatchedResourcePaths().get(0) - .getAuthenticationConfig().getInternalKeyConfig().getHeader()); - - String[] splitToken = internalKey.split("\\."); - SignedJWT signedJWT = SignedJWT.parse(internalKey); - JWTClaimsSet payload = signedJWT.getJWTClaimsSet(); - - // Check if the decoded header contains type as 'InternalKey'. - if (!isInternalKey(payload)) { - log.error("Invalid Internal Key token type. " + FilterUtils.getMaskedToken(splitToken[0])); - // To provide support for API keys. If internal key name's header name value changed similar - // to the API key header name this will enable that support. - AuthenticationContext authenticationContext = new AuthenticationContext(); - authenticationContext.setAuthenticated(false); - - // We check the type before verifying the signature. In case the type was incorrect but also not an - // API key, this will throw a NPE at RestAPI class setStatusCode method. This prevents it. - FilterUtils.setUnauthenticatedErrorToContext(requestContext); - return authenticationContext; - } - - String tokenIdentifier = payload.getJWTID(); - - checkInRevokedMap(tokenIdentifier, splitToken); - - String apiVersion = requestContext.getMatchedAPI().getVersion(); - String apiContext = requestContext.getMatchedAPI().getBasePath(); - String organization = requestContext.getMatchedAPI().getOrganizationId(); - // Verify token when it is found in cache - JWTTokenPayloadInfo jwtTokenPayloadInfo = (JWTTokenPayloadInfo) - CacheProviderUtil.getOrganizationCache(organization).getGatewayInternalKeyDataCache().getIfPresent(tokenIdentifier); - - boolean isVerified = isVerifiedApiKeyInCache(tokenIdentifier, internalKey, payload, splitToken, - "InternalKey", jwtTokenPayloadInfo, organization); - Scope verifyTokenInCacheSpanScope = null; - if (jwtTokenPayloadInfo != null) { - if (Utils.tracingEnabled()) { - verifyTokenInCacheSpan = Utils.startSpan(TracingConstants.VERIFY_TOKEN_IN_CACHE_SPAN, tracer); - verifyTokenInCacheSpanScope = verifyTokenInCacheSpan.getSpan().makeCurrent(); - Utils.setTag(verifyTokenInCacheSpan, APIConstants.LOG_TRACE_ID, - ThreadContext.get(APIConstants.LOG_TRACE_ID)); - } - String cachedToken = jwtTokenPayloadInfo.getAccessToken(); - isVerified = cachedToken.equals(internalKey) && !isJwtTokenExpired(payload, "InternalKey", - organization); - if (Utils.tracingEnabled()) { - verifyTokenInCacheSpanScope.close(); - Utils.finishSpan(verifyTokenInCacheSpan); - } - } else if (CacheProviderUtil.getOrganizationCache(organization).getInvalidGatewayInternalKeyCache().getIfPresent(tokenIdentifier) != null - && internalKey - .equals(CacheProviderUtil.getOrganizationCache(organization).getInvalidGatewayInternalKeyCache().getIfPresent(tokenIdentifier))) { - - log.debug("Internal Key retrieved from the invalid internal Key cache. Internal Key: " - + FilterUtils.getMaskedToken(splitToken[0])); - - log.error("Invalid Internal Key. " + FilterUtils.getMaskedToken(splitToken[0])); - throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), - APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, - APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE); - } - - Scope verifyTokenWithoutCacheSpanScope = null; - // Verify token when it is not found in cache - if (!isVerified) { - log.debug("Internal Key not found in the cache."); - if (Utils.tracingEnabled()) { - verifyTokenWithoutCacheSpan = Utils.startSpan(TracingConstants.VERIFY_TOKEN_SPAN, tracer); - verifyTokenWithoutCacheSpanScope = verifyTokenWithoutCacheSpan.getSpan().makeCurrent(); - Utils.setTag(verifyTokenWithoutCacheSpan, APIConstants.LOG_TRACE_ID, - ThreadContext.get(APIConstants.LOG_TRACE_ID)); - } - try { - APIKeyIssuerDto runtimeTokenIssuerDto = - ConfigHolder.getInstance().getConfig().getRuntimeTokenIssuerDto(); - if (runtimeTokenIssuerDto != null && runtimeTokenIssuerDto.isEnabled()) { - isVerified = verifyTokenWhenNotInCache(runtimeTokenIssuerDto.getPublicCertificate(), - signedJWT, splitToken, payload, "InternalKey", organization); - } else { - // Logs an error only if Internal Keys are used. - log.error("InternalAPIKeyAuthenticator has not been properly initialized. {} {}", - "Empty certificate alias.", - ErrorDetails.errorLog(LoggingConstants.Severity.MAJOR, 6605)); - } - } finally { - if (Utils.tracingEnabled()) { - if (verifyTokenWithoutCacheSpanScope != null) { - verifyTokenWithoutCacheSpanScope.close(); - } - if (verifyTokenWithoutCacheSpan != null) { - Utils.finishSpan(verifyTokenWithoutCacheSpan); - } - } - } - } - - if (isVerified) { - log.debug("Internal Key signature is verified."); - - if (jwtTokenPayloadInfo == null) { - // Retrieve payload from InternalKey - log.debug("InternalKey payload not found in the cache."); - - jwtTokenPayloadInfo = new JWTTokenPayloadInfo(); - jwtTokenPayloadInfo.setPayload(payload); - jwtTokenPayloadInfo.setAccessToken(internalKey); - CacheProviderUtil.getOrganizationCache(organization).getGatewayInternalKeyDataCache().put(tokenIdentifier, jwtTokenPayloadInfo); - } - Scope apiKeyValidateSubscriptionSpanScope = null; - if (Utils.tracingEnabled()) { - apiKeyValidateSubscriptionSpan = Utils - .startSpan(TracingConstants.API_KEY_VALIDATE_SUBSCRIPTION_SPAN, tracer); - apiKeyValidateSubscriptionSpanScope = apiKeyValidateSubscriptionSpan.getSpan().makeCurrent(); - Utils.setTag(apiKeyValidateSubscriptionSpan, APIConstants.LOG_TRACE_ID, - ThreadContext.get(APIConstants.LOG_TRACE_ID)); - } - JSONObject api; // kept outside to make this reachable for methods outside the try block - try { - api = validateAPISubscription(apiContext, apiVersion, payload, splitToken, - false); - if (api != null) { - log.debug("Internal Key Authentication is successful."); - } - } finally { - log.debug("Internal Key authentication is completed."); - if (Utils.tracingEnabled()) { - apiKeyValidateSubscriptionSpanScope.close(); - Utils.finishSpan(apiKeyValidateSubscriptionSpan); - } - } - //Get APIKeyValidationInfoDTO for internal key with limited info - APIKeyValidationInfoDTO apiKeyValidationInfoDTO = getAPIKeyValidationDTO(requestContext); - - // Generate or get backend JWT - JWTConfigurationDto jwtConfigurationDto = ConfigHolder.getInstance(). - getConfig().getJwtConfigurationDto(); - if (jwtConfigurationDto.isEnabled()) { - JWTValidationInfo validationInfo = new JWTValidationInfo(); - validationInfo.setUser(payload.getSubject()); - JWTInfoDto jwtInfoDto = FilterUtils - .generateJWTInfoDto(null, validationInfo, apiKeyValidationInfoDTO, requestContext); - String endUserToken = BackendJwtUtils.generateAndRetrieveJWTToken(jwtGenerator, tokenIdentifier, - jwtInfoDto, isGatewayTokenCacheEnabled, organization); - // Set generated jwt token as a response header - requestContext.addOrModifyHeaders(jwtConfigurationDto.getJwtHeader(), endUserToken); - } - - return FilterUtils.generateAuthenticationContext(tokenIdentifier, payload, api, - requestContext.getMatchedAPI().getUuid(), internalKey); - } else { - log.error("Internal Key authentication failed. " + FilterUtils.getMaskedToken(splitToken[0]), - ErrorDetails.errorLog(LoggingConstants.Severity.MINOR, 6602)); - CacheProviderUtil.getOrganizationCache(organization).getGatewayInternalKeyDataCache().invalidate(payload.getJWTID()); - CacheProviderUtil.getOrganizationCache(organization).getInvalidGatewayInternalKeyCache().put(payload.getJWTID(), internalKey); - throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), - APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, - APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE); - } - } catch (ParseException e) { - log.warn("Internal Key authentication failed. ", e); - throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), - APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, - "Internal key authentication failed."); - - } finally { - if (Utils.tracingEnabled()) { - apiKeyAuthenticatorSpanScope.close(); - Utils.finishSpan(apiKeyAuthenticatorSpan); - } - } - } - throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), - APISecurityConstants.API_AUTH_GENERAL_ERROR, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE); - } - - private APIKeyValidationInfoDTO getAPIKeyValidationDTO(RequestContext requestContext) - throws ParseException { - - APIKeyValidationInfoDTO validationInfoDTO = new APIKeyValidationInfoDTO(); - validationInfoDTO.setType(requestContext.getMatchedAPI().getEnvType()); - - //check whether name is assigned correctly (This was not populated in JWTAuthenticator) - validationInfoDTO.setApiName(requestContext.getMatchedAPI().getName()); - validationInfoDTO.setApiVersion(requestContext.getMatchedAPI().getVersion()); - return validationInfoDTO; - } - - @Override - public String getChallengeString() { - - return ""; - } - - @Override - public String getName() { - - return "Internal Key"; - } - - @Override - public int getPriority() { - - return -10; - } -} - diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java index 6e3c52c35b..a38c0e2922 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java @@ -30,9 +30,9 @@ import org.wso2.apk.enforcer.commons.dto.JWTConfigurationDto; import org.wso2.apk.enforcer.commons.dto.JWTInfoDto; import org.wso2.apk.enforcer.commons.dto.JWTValidationInfo; -import org.wso2.apk.enforcer.commons.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator; import org.wso2.apk.enforcer.commons.exception.APISecurityException; import org.wso2.apk.enforcer.commons.exception.EnforcerException; +import org.wso2.apk.enforcer.commons.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator; import org.wso2.apk.enforcer.commons.model.APIConfig; import org.wso2.apk.enforcer.commons.model.AuthenticationContext; import org.wso2.apk.enforcer.commons.model.RequestContext; @@ -44,11 +44,10 @@ import org.wso2.apk.enforcer.security.Authenticator; import org.wso2.apk.enforcer.security.KeyValidator; import org.wso2.apk.enforcer.security.TokenValidationContext; -import org.wso2.apk.enforcer.security.jwt.validator.JWTConstants; import org.wso2.apk.enforcer.security.jwt.validator.JWTValidator; import org.wso2.apk.enforcer.security.jwt.validator.RevokedJWTDataHolder; -import org.wso2.apk.enforcer.subscription.SubscriptionDataHolder; import org.wso2.apk.enforcer.server.RevokedTokenRedisClient; +import org.wso2.apk.enforcer.subscription.SubscriptionDataHolder; import org.wso2.apk.enforcer.tracing.TracingConstants; import org.wso2.apk.enforcer.tracing.TracingSpan; import org.wso2.apk.enforcer.tracing.TracingTracer; @@ -62,6 +61,7 @@ import java.util.Date; import java.util.HashMap; import java.util.HashSet; +import java.util.List; import java.util.Map; import java.util.Set; @@ -89,15 +89,7 @@ public boolean canAuthenticate(RequestContext requestContext) { if (!StringUtils.equals(authHeader, "")) { String authHeaderValue = retrieveAuthHeaderValue(requestContext, authHeader); - - // Check keyword bearer in header to prevent conflicts with custom authentication - // (that maybe added with custom filters / interceptors / opa) - // which also includes a jwt in the auth header yet with a scheme other than 'bearer'. - // - // StringUtils.startsWithIgnoreCase(null, "bearer") = false - // StringUtils.startsWithIgnoreCase("abc", "bearer") = false - // StringUtils.startsWithIgnoreCase("Bearer abc", "bearer") = true - return StringUtils.startsWithIgnoreCase(authHeaderValue, JWTConstants.BEARER) && authHeaderValue.trim().split("\\s+").length == 2 && authHeaderValue.split("\\.").length == 3; + return authHeaderValue != null && !StringUtils.containsWhitespace(authHeaderValue) && authHeaderValue.split("\\.").length == 3; } return false; } @@ -121,11 +113,6 @@ public AuthenticationContext authenticate(RequestContext requestContext) throws } String authHeader = getTokenHeader(requestContext.getMatchedResourcePaths()); String jwtToken = retrieveAuthHeaderValue(requestContext, authHeader); - String[] splitToken = jwtToken.split("\\s"); - // Extract the token when it is sent as bearer token. i.e Authorization: Bearer - if (splitToken.length > 1) { - jwtToken = splitToken[1]; - } String context = requestContext.getMatchedAPI().getBasePath(); String name = requestContext.getMatchedAPI().getName(); String envType = requestContext.getMatchedAPI().getEnvType(); @@ -142,6 +129,12 @@ public AuthenticationContext authenticate(RequestContext requestContext) throws } if (validationInfo != null) { if (validationInfo.isValid()) { + List audFromAPI = getAudience(requestContext.getMatchedResourcePaths()); + List audFromToken = validationInfo.getAudience(); + if (!checkAllExist(audFromAPI, audFromToken)) { + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Required audience not available in the JWT aud."); + } Map claims = validationInfo.getClaims(); // Validate token type Object keyType = claims.get("keytype"); @@ -177,7 +170,7 @@ public AuthenticationContext authenticate(RequestContext requestContext) throws if (consumerKey != null) { validateSubscriptionUsingConsumerKey(apiKeyValidationInfoDTO, name, version, context, consumerKey, envType, organization, - splitToken, requestContext.getMatchedAPI()); + "", requestContext.getMatchedAPI()); } else { log.error("Error while extracting consumer key from token"); throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), @@ -274,10 +267,21 @@ private String getTokenHeader(ArrayList matchedResourceConfigs) return ""; } + private ArrayList getAudience(ArrayList matchedResourceConfigs) { + ArrayList audience = new ArrayList<>(); + for (ResourceConfig resourceConfig : matchedResourceConfigs) { + if (resourceConfig.getAuthenticationConfig() != null && + resourceConfig.getAuthenticationConfig().getJwtAuthenticationConfig() != null) { + return resourceConfig.getAuthenticationConfig().getJwtAuthenticationConfig().getAudience(); + } + } + return audience; + } + @Override public String getChallengeString() { - return "Bearer realm=\"APK\""; + return "JWT realm=\"APK\""; } @Override @@ -344,13 +348,13 @@ private void validateScopes(String apiContext, String apiVersion, ArrayList list1, List list2) { + return list1.stream().allMatch(list2::contains); + } } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/Oauth2Authenticator.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/Oauth2Authenticator.java new file mode 100644 index 0000000000..bda7170983 --- /dev/null +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/Oauth2Authenticator.java @@ -0,0 +1,516 @@ +/* + * Copyright (c) 2021, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.apk.enforcer.security.jwt; + +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; +import com.nimbusds.jwt.util.DateUtils; +import io.opentelemetry.context.Scope; +import org.apache.commons.lang3.StringUtils; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.apache.logging.log4j.ThreadContext; +import org.wso2.apk.enforcer.common.CacheProviderUtil; +import org.wso2.apk.enforcer.commons.dto.ClaimValueDTO; +import org.wso2.apk.enforcer.commons.dto.JWTConfigurationDto; +import org.wso2.apk.enforcer.commons.dto.JWTInfoDto; +import org.wso2.apk.enforcer.commons.dto.JWTValidationInfo; +import org.wso2.apk.enforcer.commons.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator; +import org.wso2.apk.enforcer.commons.exception.APISecurityException; +import org.wso2.apk.enforcer.commons.exception.EnforcerException; +import org.wso2.apk.enforcer.commons.model.APIConfig; +import org.wso2.apk.enforcer.commons.model.AuthenticationContext; +import org.wso2.apk.enforcer.commons.model.RequestContext; +import org.wso2.apk.enforcer.commons.model.ResourceConfig; +import org.wso2.apk.enforcer.config.ConfigHolder; +import org.wso2.apk.enforcer.constants.APIConstants; +import org.wso2.apk.enforcer.constants.APISecurityConstants; +import org.wso2.apk.enforcer.dto.APIKeyValidationInfoDTO; +import org.wso2.apk.enforcer.security.Authenticator; +import org.wso2.apk.enforcer.security.KeyValidator; +import org.wso2.apk.enforcer.security.TokenValidationContext; +import org.wso2.apk.enforcer.security.jwt.validator.JWTConstants; +import org.wso2.apk.enforcer.security.jwt.validator.JWTValidator; +import org.wso2.apk.enforcer.security.jwt.validator.RevokedJWTDataHolder; +import org.wso2.apk.enforcer.subscription.SubscriptionDataHolder; +import org.wso2.apk.enforcer.server.RevokedTokenRedisClient; +import org.wso2.apk.enforcer.tracing.TracingConstants; +import org.wso2.apk.enforcer.tracing.TracingSpan; +import org.wso2.apk.enforcer.tracing.TracingTracer; +import org.wso2.apk.enforcer.tracing.Utils; +import org.wso2.apk.enforcer.util.BackendJwtUtils; +import org.wso2.apk.enforcer.util.FilterUtils; +import org.wso2.apk.enforcer.util.JWTUtils; + +import java.text.ParseException; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; + +/** + * Implements the authenticator interface to authenticate request using a JWT token. + */ +public class Oauth2Authenticator implements Authenticator { + + private static final Logger log = LogManager.getLogger(Oauth2Authenticator.class); + private final boolean isGatewayTokenCacheEnabled; + private AbstractAPIMgtGatewayJWTGenerator jwtGenerator; + + public Oauth2Authenticator(final JWTConfigurationDto jwtConfigurationDto, final boolean isGatewayTokenCacheEnabled) { + + this.isGatewayTokenCacheEnabled = isGatewayTokenCacheEnabled; + if (jwtConfigurationDto.isEnabled()) { + this.jwtGenerator = BackendJwtUtils.getApiMgtGatewayJWTGenerator(jwtConfigurationDto); + this.jwtGenerator.setJWTConfigurationDto(jwtConfigurationDto); + } + } + + @Override + public boolean canAuthenticate(RequestContext requestContext) { + String authHeader = getTokenHeader(requestContext.getMatchedResourcePaths()); + + if (!StringUtils.equals(authHeader, "")) { + String authHeaderValue = retrieveAuthHeaderValue(requestContext, authHeader); + + // Check keyword bearer in header to prevent conflicts with custom authentication + // (that maybe added with custom filters / interceptors / opa) + // which also includes a jwt in the auth header yet with a scheme other than 'bearer'. + // + // StringUtils.startsWithIgnoreCase(null, "bearer") = false + // StringUtils.startsWithIgnoreCase("abc", "bearer") = false + // StringUtils.startsWithIgnoreCase("Bearer abc", "bearer") = true + return StringUtils.startsWithIgnoreCase(authHeaderValue, JWTConstants.BEARER) && authHeaderValue.trim().split("\\s+").length == 2 && authHeaderValue.split("\\.").length == 3; + } + return false; + } + + @Override + public AuthenticationContext authenticate(RequestContext requestContext) throws APISecurityException { + + TracingTracer tracer = null; + TracingSpan jwtAuthenticatorInfoSpan = null; + Scope jwtAuthenticatorInfoSpanScope = null; + TracingSpan validateSubscriptionSpan = null; + TracingSpan validateScopesSpan = null; + + try { + if (Utils.tracingEnabled()) { + tracer = Utils.getGlobalTracer(); + jwtAuthenticatorInfoSpan = Utils.startSpan(TracingConstants.JWT_AUTHENTICATOR_SPAN, tracer); + jwtAuthenticatorInfoSpanScope = jwtAuthenticatorInfoSpan.getSpan().makeCurrent(); + Utils.setTag(jwtAuthenticatorInfoSpan, APIConstants.LOG_TRACE_ID, + ThreadContext.get(APIConstants.LOG_TRACE_ID)); + } + String authHeader = getTokenHeader(requestContext.getMatchedResourcePaths()); + String jwtToken = retrieveAuthHeaderValue(requestContext, authHeader); + String[] splitToken = jwtToken.split("\\s"); + // Extract the token when it is sent as bearer token. i.e Authorization: Bearer + if (splitToken.length > 1) { + jwtToken = splitToken[1]; + } + String context = requestContext.getMatchedAPI().getBasePath(); + String name = requestContext.getMatchedAPI().getName(); + String envType = requestContext.getMatchedAPI().getEnvType(); + String version = requestContext.getMatchedAPI().getVersion(); + String organization = requestContext.getMatchedAPI().getOrganizationId(); + String environment = requestContext.getMatchedAPI().getEnvironment(); + + JWTValidationInfo validationInfo = getJwtValidationInfo(jwtToken, organization, environment); + if (RevokedTokenRedisClient.getRevokedTokens().contains(validationInfo.getIdentifier())) { + log.info("Revoked JWT token. ", validationInfo.getIdentifier()); + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE); + } + if (validationInfo != null) { + if (validationInfo.isValid()) { + Map claims = validationInfo.getClaims(); + // Validate token type + Object keyType = claims.get("keytype"); + if (keyType != null && !keyType.toString().equalsIgnoreCase(requestContext.getMatchedAPI().getEnvType())) { + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Invalid key type."); + } + + // Validate subscriptions + APIKeyValidationInfoDTO apiKeyValidationInfoDTO = new APIKeyValidationInfoDTO(); + Scope validateSubscriptionSpanScope = null; + boolean isSystemAPI = requestContext.getMatchedAPI().isSystemAPI(); + boolean isGatewayLevelSubscriptionValidationEnabled = ConfigHolder.getInstance().getConfig() + .getMandateSubscriptionValidation(); + try { + // If subscription validation is mandated at Gateway level, all API invocations should undergo + // subscription validation. When not mandated, we check whether the API has enabled + // subscription validation. + if (!isSystemAPI && (isGatewayLevelSubscriptionValidationEnabled || requestContext.getMatchedAPI() + .isSubscriptionValidation())) { + if (Utils.tracingEnabled()) { + validateSubscriptionSpan = + Utils.startSpan(TracingConstants.SUBSCRIPTION_VALIDATION_SPAN, tracer); + validateSubscriptionSpanScope = validateSubscriptionSpan.getSpan().makeCurrent(); + Utils.setTag(validateSubscriptionSpan, APIConstants.LOG_TRACE_ID, + ThreadContext.get(APIConstants.LOG_TRACE_ID)); + } + + // Get consumer key from the JWT token claim set + String consumerKey = validationInfo.getConsumerKey(); + + // Subscription validation using consumer key + if (consumerKey != null) { + validateSubscriptionUsingConsumerKey(apiKeyValidationInfoDTO, name, version, context, + consumerKey, envType, organization, + splitToken, requestContext.getMatchedAPI()); + } else { + log.error("Error while extracting consumer key from token"); + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, + "Invalid JWT token. Error while extracting consumer key from token"); + } + } else { + // In this case, the application related properties are populated so that analytics + // could provide much better insights. + // Since application notion becomes less meaningful with subscription validation disabled, + // the application name would be populated under the convention "anon:" + JWTUtils.updateApplicationNameForSubscriptionDisabledFlow(apiKeyValidationInfoDTO, + APIConstants.KeyManager.DEFAULT_KEY_MANAGER); + } + } finally { + if (Utils.tracingEnabled()) { + if (validateSubscriptionSpan != null) { + validateSubscriptionSpanScope.close(); + Utils.finishSpan(validateSubscriptionSpan); + } + } + } + + // Validate scopes + Scope validateScopesSpanScope = null; + try { + if (Utils.tracingEnabled()) { + validateScopesSpan = Utils.startSpan(TracingConstants.SCOPES_VALIDATION_SPAN, tracer); + validateScopesSpanScope = validateScopesSpan.getSpan().makeCurrent(); + Utils.setTag(validateScopesSpan, APIConstants.LOG_TRACE_ID, + ThreadContext.get(APIConstants.LOG_TRACE_ID)); + } + validateScopes(context, version, requestContext.getMatchedResourcePaths(), validationInfo, + jwtToken); + } finally { + if (Utils.tracingEnabled()) { + validateScopesSpanScope.close(); + Utils.finishSpan(validateScopesSpan); + } + } + log.debug("JWT authentication successful."); + + // Generate or get backend JWT + String endUserToken = null; + + // jwt generator is only set if the backend jwt is enabled + if (this.jwtGenerator != null) { + JWTConfigurationDto configurationDto = this.jwtGenerator.getJWTConfigurationDto(); + Map claimMap = new HashMap<>(); + if (configurationDto != null) { + claimMap = configurationDto.getCustomClaims(); + } + JWTInfoDto jwtInfoDto = FilterUtils.generateJWTInfoDto(null, validationInfo, + apiKeyValidationInfoDTO, requestContext); + + // set custom claims get from the CR + jwtInfoDto.setClaims(claimMap); + endUserToken = BackendJwtUtils.generateAndRetrieveJWTToken(this.jwtGenerator, + validationInfo.getIdentifier(), jwtInfoDto, isGatewayTokenCacheEnabled, organization); + // Set generated jwt token as a response header + // Change the backendJWTConfig to API level + requestContext.addOrModifyHeaders(this.jwtGenerator.getJWTConfigurationDto().getJwtHeader(), + endUserToken); + } + + return FilterUtils.generateAuthenticationContext(requestContext, validationInfo.getIdentifier(), + validationInfo, apiKeyValidationInfoDTO, endUserToken, jwtToken, true); + } else { + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + validationInfo.getValidationCode(), + APISecurityConstants.getAuthenticationFailureMessage(validationInfo.getValidationCode())); + } + } else { + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_GENERAL_ERROR, + APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE); + } + } finally { + if (Utils.tracingEnabled()) { + jwtAuthenticatorInfoSpanScope.close(); + Utils.finishSpan(jwtAuthenticatorInfoSpan); + } + } + + } + + private String getTokenHeader(ArrayList matchedResourceConfigs) { + for (ResourceConfig resourceConfig : matchedResourceConfigs) { + if (resourceConfig.getAuthenticationConfig() != null && + resourceConfig.getAuthenticationConfig().getOauth2AuthenticationConfig() != null) { + return resourceConfig.getAuthenticationConfig().getOauth2AuthenticationConfig().getHeader(); + } + } + return ""; + } + + @Override + public String getChallengeString() { + + return "Bearer realm=\"APK\""; + } + + @Override + public String getName() { + + return "Oauth2"; + } + + @Override + public int getPriority() { + + return 10; + } + + private String retrieveAuthHeaderValue(RequestContext requestContext, String header) { + Map headers = requestContext.getHeaders(); + return headers.get(header); + } + + /** + * Validate scopes bound to the resource of the API being invoked against the scopes specified + * in the JWT token payload. + * + * @param apiContext API Context + * @param apiVersion API Version + * @param matchingResources Accessed API resources + * @param jwtValidationInfo Validated JWT Information + * @param jwtToken JWT Token + * @throws APISecurityException in case of scope validation failure + */ + private void validateScopes(String apiContext, String apiVersion, ArrayList matchingResources, + JWTValidationInfo jwtValidationInfo, String jwtToken) throws APISecurityException { + + APIKeyValidationInfoDTO apiKeyValidationInfoDTO = new APIKeyValidationInfoDTO(); + Set scopeSet = new HashSet<>(jwtValidationInfo.getScopes()); + apiKeyValidationInfoDTO.setScopes(scopeSet); + + TokenValidationContext tokenValidationContext = new TokenValidationContext(); + tokenValidationContext.setValidationInfoDTO(apiKeyValidationInfoDTO); + + tokenValidationContext.setAccessToken(jwtToken); + // since matching resources has same method for all, just get the first element's method is adequate. + // i.e. graphQL matching resources has same operation type for a request. + tokenValidationContext.setHttpVerb(matchingResources.get(0).getMethod().toString()); + tokenValidationContext.setMatchingResourceConfigs(matchingResources); + tokenValidationContext.setContext(apiContext); + tokenValidationContext.setVersion(apiVersion); + + boolean valid = KeyValidator.validateScopes(tokenValidationContext); + if (valid) { + log.debug("Scope validation was successful for the resource."); + } + } + + /** + * Validate whether the user is subscribed to the invoked API using consumer key. If subscribed, validate + * the API information embedded within the Subscription against the information from the request context. + * + * @param validationInfo Token validation related details. This will be populated based on the available data + * during the subscription validation. + * @param name API name + * @param version API version + * @param context API context + * @param consumerKey Consumer key extracted from the jwt token claim set + * @param envType The environment type, i.e. PRODUCTION or SANDBOX + * @param organization Organization extracted from the request context + * @param splitToken The split token + * @param matchedAPI + * @throws APISecurityException if the user is not subscribed to the API + */ + private void validateSubscriptionUsingConsumerKey(APIKeyValidationInfoDTO validationInfo, String name, + String version, String context, String consumerKey, + String envType, String organization, String[] splitToken, + APIConfig matchedAPI) throws APISecurityException { + + validationInfo.setApiName(name); + validationInfo.setApiVersion(version); + validationInfo.setApiContext(context); + validationInfo.setConsumerKey(consumerKey); + validationInfo.setType(matchedAPI.getApiType()); + validationInfo.setEnvType(envType); + validationInfo.setEnvironment(matchedAPI.getEnvironment()); + validationInfo.setSecurityScheme(APIConstants.API_SECURITY_OAUTH2); + validationInfo.setSubscriberOrganization(organization); + validationInfo.setApiContext(matchedAPI.getBasePath()); + validationInfo.setApiVersion(matchedAPI.getVersion()); + validationInfo.setApiName(matchedAPI.getName()); + KeyValidator.validateSubscriptionUsingConsumerKey(validationInfo); + + if (validationInfo.isAuthorized()) { + if (log.isDebugEnabled()) { + log.debug("User is subscribed to the API: " + name + ", " + "version: " + version + ". Token:" + " " + + FilterUtils.getMaskedToken(splitToken[0])); + } + } else { + if (log.isDebugEnabled()) { + log.debug("User is not subscribed to access the API: " + name + ", version: " + version + ". " + + "Token: " + FilterUtils.getMaskedToken(splitToken[0])); + } + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHORIZED.getCode(), + APISecurityConstants.API_AUTH_FORBIDDEN, APISecurityConstants.API_AUTH_FORBIDDEN_MESSAGE); + } + } + + /** + * Validate whether the token is a valid JWT and generate the JWTValidationInfo object. + * + * @param jwtToken The full JWT token + * @param organization organization of the API + * @param environment environment of the API + * @return + * @throws APISecurityException + */ + private JWTValidationInfo getJwtValidationInfo(String jwtToken, String organization, String environment) throws APISecurityException { + + if (isGatewayTokenCacheEnabled) { + String[] jwtParts = jwtToken.split("\\."); + String signature = jwtParts[2]; + Object validCacheToken = CacheProviderUtil.getOrganizationCache(organization).getGatewayKeyCache() + .getIfPresent(signature); + if (validCacheToken != null) { + JWTValidationInfo validationInfo = (JWTValidationInfo) validCacheToken; + if (!isJWTExpired(validationInfo)) { + if (!StringUtils.equals(validationInfo.getToken(), jwtToken)) { + log.warn("Suspected tampered token; a JWT token with the same signature is " + + "already available in the cache. Tampered token: " + FilterUtils.getMaskedToken(jwtToken)); + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Invalid JWT token"); + } + if (RevokedJWTDataHolder.isJWTTokenSignatureExistsInRevokedMap(validationInfo.getIdentifier())) { + log.debug("Token found in the revoked jwt token map."); + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Invalid JWT token"); + } + return validationInfo; + } else { + CacheProviderUtil.getOrganizationCache(organization).getGatewayKeyCache().invalidate(signature); + CacheProviderUtil.getOrganizationCache(organization).getInvalidTokenCache().put(signature, true); + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_ACCESS_TOKEN_EXPIRED, + APISecurityConstants.API_AUTH_ACCESS_TOKEN_EXPIRED_MESSAGE); + } + } else if (CacheProviderUtil.getOrganizationCache(organization).getInvalidTokenCache() + .getIfPresent(signature) != null) { + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE); + } + } + + SignedJWT signedJWT; + JWTClaimsSet jwtClaimsSet; + SignedJWTInfo signedJWTInfo; + Scope decodeTokenHeaderSpanScope = null; + TracingSpan decodeTokenHeaderSpan = null; + try { + if (Utils.tracingEnabled()) { + TracingTracer tracer = Utils.getGlobalTracer(); + decodeTokenHeaderSpan = Utils.startSpan(TracingConstants.DECODE_TOKEN_HEADER_SPAN, tracer); + decodeTokenHeaderSpanScope = decodeTokenHeaderSpan.getSpan().makeCurrent(); + Utils.setTag(decodeTokenHeaderSpan, APIConstants.LOG_TRACE_ID, + ThreadContext.get(APIConstants.LOG_TRACE_ID)); + } + signedJWT = SignedJWT.parse(jwtToken); + jwtClaimsSet = signedJWT.getJWTClaimsSet(); + signedJWTInfo = new SignedJWTInfo(jwtToken, signedJWT, jwtClaimsSet); + } catch (ParseException | IllegalArgumentException e) { + log.error("Failed to decode the token header. {}", e.getMessage()); + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Not a JWT token. Failed to decode the " + + "token header", e); + } finally { + if (Utils.tracingEnabled()) { + decodeTokenHeaderSpanScope.close(); + Utils.finishSpan(decodeTokenHeaderSpan); + } + } + + String signature = signedJWT.getSignature().toString(); + String jwtTokenIdentifier = StringUtils.isNotEmpty(jwtClaimsSet.getJWTID()) ? jwtClaimsSet.getJWTID() : + signature; + + // check whether the token is revoked + String jwtHeader = signedJWT.getHeader().toString(); + if (RevokedJWTDataHolder.isJWTTokenSignatureExistsInRevokedMap(jwtTokenIdentifier)) { + log.debug("Token retrieved from the revoked jwt token map. Token: " + + FilterUtils.getMaskedToken(jwtHeader)); + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Invalid JWT token"); + } + + try { + // Get issuer + String issuer = jwtClaimsSet.getIssuer(); + JWTValidator jwtValidator = SubscriptionDataHolder.getInstance().getSubscriptionDataStore(organization) + .getJWTValidatorByIssuer(issuer, environment); + // If no validator found for the issuer, we are not caching the token. + if (jwtValidator == null) { + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, + APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE); + } + + JWTValidationInfo jwtValidationInfo = jwtValidator.validateToken(jwtToken, signedJWTInfo); + if (isGatewayTokenCacheEnabled) { + // Add token to tenant token cache + if (jwtValidationInfo.isValid()) { + CacheProviderUtil.getOrganizationCache(organization).getGatewayKeyCache().put(signature, + jwtValidationInfo); + } else { + CacheProviderUtil.getOrganizationCache(organization).getInvalidTokenCache().put(signature, true); + } + } + return jwtValidationInfo; + } catch (EnforcerException e) { + log.error("JWT Validation failed", e); + throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), + APISecurityConstants.API_AUTH_GENERAL_ERROR, + APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE); + } + } + + /** + * Check whether the jwt token is expired or not. + * + * @param payload The payload of the JWT token + * @return boolean true if the token is not expired, false otherwise + */ + private Boolean isJWTExpired(JWTValidationInfo payload) { + + long timestampSkew = FilterUtils.getTimeStampSkewInSeconds(); + Date now = new Date(); + Date exp = new Date(payload.getExpiryTime()); + return !DateUtils.isAfter(exp, now, timestampSkew); + } +} diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/validator/JWTValidator.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/validator/JWTValidator.java index 4a12de0b45..38e7c0eb70 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/validator/JWTValidator.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/validator/JWTValidator.java @@ -93,6 +93,7 @@ public JWTValidationInfo validateToken(String token, SignedJWTInfo signedJWTInfo jwtValidationInfo.setIdentifier(JWTUtils.getJWTTokenIdentifier(signedJWTInfo)); jwtValidationInfo.setJwtClaimsSet(signedJWTInfo.getJwtClaimsSet()); jwtValidationInfo.setToken(token); + jwtValidationInfo.setAudience(jwtClaimsSet.getAudience()); return jwtValidationInfo; } jwtValidationInfo.setValidationCode(APISecurityConstants.API_AUTH_ACCESS_TOKEN_EXPIRED); diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/test/java/org/wso2/apk/enforcer/jwt/JWTValidatorTest.java b/gateway/enforcer/org.wso2.apk.enforcer/src/test/java/org/wso2/apk/enforcer/jwt/Oauth2ValidatorTest.java similarity index 92% rename from gateway/enforcer/org.wso2.apk.enforcer/src/test/java/org/wso2/apk/enforcer/jwt/JWTValidatorTest.java rename to gateway/enforcer/org.wso2.apk.enforcer/src/test/java/org/wso2/apk/enforcer/jwt/Oauth2ValidatorTest.java index b4ceb92cf8..55376740c3 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/test/java/org/wso2/apk/enforcer/jwt/JWTValidatorTest.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/test/java/org/wso2/apk/enforcer/jwt/Oauth2ValidatorTest.java @@ -39,7 +39,7 @@ import org.wso2.apk.enforcer.commons.model.APIConfig; import org.wso2.apk.enforcer.commons.model.AuthenticationConfig; import org.wso2.apk.enforcer.commons.model.AuthenticationContext; -import org.wso2.apk.enforcer.commons.model.JWTAuthenticationConfig; +import org.wso2.apk.enforcer.commons.model.Oauth2AuthenticationConfig; import org.wso2.apk.enforcer.commons.model.RequestContext; import org.wso2.apk.enforcer.commons.model.ResourceConfig; import org.wso2.apk.enforcer.config.ConfigHolder; @@ -47,7 +47,7 @@ import org.wso2.apk.enforcer.config.dto.ExtendedTokenIssuerDto; import org.wso2.apk.enforcer.constants.APISecurityConstants; import org.wso2.apk.enforcer.security.KeyValidator; -import org.wso2.apk.enforcer.security.jwt.JWTAuthenticator; +import org.wso2.apk.enforcer.security.jwt.Oauth2Authenticator; import org.wso2.apk.enforcer.security.jwt.validator.JWTValidator; import org.wso2.apk.enforcer.server.RevokedTokenRedisClient; import org.wso2.apk.enforcer.subscription.SubscriptionDataHolder; @@ -59,7 +59,7 @@ import java.util.Map; import java.util.UUID; -public class JWTValidatorTest { +public class Oauth2ValidatorTest { @Before public void setup() { @@ -95,15 +95,15 @@ public void testJWTValidator() throws APISecurityException, EnforcerException { jwtValidationInfo.setKeyManager("Default"); JWTConfigurationDto jwtConfigurationDto = new JWTConfigurationDto(); - JWTAuthenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, true); + Oauth2Authenticator oauth2Authenticator = new Oauth2Authenticator(jwtConfigurationDto, true); RequestContext requestContext = Mockito.mock(RequestContext.class); ArrayList resourceConfigs = new ArrayList<>(); ResourceConfig resourceConfig = Mockito.mock(ResourceConfig.class); AuthenticationConfig authenticationConfig = new AuthenticationConfig(); - JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); - jwtAuthenticationConfig.setHeader("Authorization"); - authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); + Oauth2AuthenticationConfig oauth2AuthenticationConfig = new Oauth2AuthenticationConfig(); + oauth2AuthenticationConfig.setHeader("Authorization"); + authenticationConfig.setOauth2AuthenticationConfig(oauth2AuthenticationConfig); Mockito.when(resourceConfig.getAuthenticationConfig()).thenReturn(authenticationConfig); Mockito.when(resourceConfig.getMethod()).thenReturn(ResourceConfig.HttpMethods.GET); resourceConfigs.add(resourceConfig); @@ -134,7 +134,7 @@ public void testJWTValidator() throws APISecurityException, EnforcerException { subscriptionDataHolderMockedStatic.when(SubscriptionDataHolder::getInstance).thenReturn(subscriptionDataHolder); Mockito.when(subscriptionDataHolder.getSubscriptionDataStore(organization)).thenReturn(subscriptionDataStore); Logger logger = Mockito.mock(Logger.class); - logManagerDummy.when(() -> LogManager.getLogger(JWTAuthenticator.class)).thenReturn(logger); + logManagerDummy.when(() -> LogManager.getLogger(Oauth2Authenticator.class)).thenReturn(logger); Log logger2 = Mockito.mock(Log.class); logFactoryDummy.when(() -> LogFactory.getLog(AbstractAPIMgtGatewayJWTGenerator.class)).thenReturn(logger2); cacheProviderUtilDummy.when(() -> CacheProviderUtil.getOrganizationCache(organization)) @@ -156,7 +156,7 @@ public void testJWTValidator() throws APISecurityException, EnforcerException { Mockito.when(subscriptionDataStore.getJWTValidatorByIssuer(issuer, environment)).thenReturn(jwtValidator); Mockito.when(jwtValidator.validateToken(Mockito.eq(jwt), Mockito.any())).thenReturn(jwtValidationInfo); keyValidaterDummy.when(() -> KeyValidator.validateScopes(Mockito.any())).thenReturn(true); - AuthenticationContext authenticate = jwtAuthenticator.authenticate(requestContext); + AuthenticationContext authenticate = oauth2Authenticator.authenticate(requestContext); Assert.assertNotNull(authenticate); Mockito.verify(gatewayKeyCache, Mockito.atLeast(1)).put(signature, jwtValidationInfo); } @@ -194,15 +194,15 @@ public void testRevokedToken() throws APISecurityException, EnforcerException { jwtValidationInfo.setIdentifier(revokedTokenJTI); JWTConfigurationDto jwtConfigurationDto = new JWTConfigurationDto(); - JWTAuthenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, true); + Oauth2Authenticator oauth2Authenticator = new Oauth2Authenticator(jwtConfigurationDto, true); RequestContext requestContext = Mockito.mock(RequestContext.class); ArrayList resourceConfigs = new ArrayList<>(); ResourceConfig resourceConfig = Mockito.mock(ResourceConfig.class); AuthenticationConfig authenticationConfig = new AuthenticationConfig(); - JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); - jwtAuthenticationConfig.setHeader("Authorization"); - authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); + Oauth2AuthenticationConfig oauth2AuthenticationConfig = new Oauth2AuthenticationConfig(); + oauth2AuthenticationConfig.setHeader("Authorization"); + authenticationConfig.setOauth2AuthenticationConfig(oauth2AuthenticationConfig); Mockito.when(resourceConfig.getAuthenticationConfig()).thenReturn(authenticationConfig); Mockito.when(resourceConfig.getMethod()).thenReturn(ResourceConfig.HttpMethods.GET); resourceConfigs.add(resourceConfig); @@ -234,7 +234,7 @@ public void testRevokedToken() throws APISecurityException, EnforcerException { subscriptionDataHolderMockedStatic.when(SubscriptionDataHolder::getInstance).thenReturn(subscriptionDataHolder); Mockito.when(subscriptionDataHolder.getSubscriptionDataStore(organization)).thenReturn(subscriptionDataStore); Logger logger = Mockito.mock(Logger.class); - logManagerDummy.when(() -> LogManager.getLogger(JWTAuthenticator.class)).thenReturn(logger); + logManagerDummy.when(() -> LogManager.getLogger(Oauth2Authenticator.class)).thenReturn(logger); Log logger2 = Mockito.mock(Log.class); logFactoryDummy.when(() -> LogFactory.getLog(AbstractAPIMgtGatewayJWTGenerator.class)).thenReturn(logger2); cacheProviderUtilDummy.when(() -> CacheProviderUtil.getOrganizationCache(organization)) @@ -255,7 +255,7 @@ public void testRevokedToken() throws APISecurityException, EnforcerException { Mockito.when(jwtValidator.validateToken(Mockito.eq(jwt), Mockito.any())).thenReturn(jwtValidationInfo); keyValidaterDummy.when(() -> KeyValidator.validateScopes(Mockito.any())).thenReturn(true); try { - jwtAuthenticator.authenticate(requestContext); + oauth2Authenticator.authenticate(requestContext); Assert.fail("Authentication should fail for revoked tokens"); } catch (APISecurityException e) { Assert.assertEquals(e.getMessage(), e.getMessage(), @@ -299,15 +299,15 @@ public void testCachedJWTValidator() throws APISecurityException, EnforcerExcept jwtValidationInfo.setIdentifier(signature); JWTConfigurationDto jwtConfigurationDto = new JWTConfigurationDto(); - JWTAuthenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, true); + Oauth2Authenticator oauth2Authenticator = new Oauth2Authenticator(jwtConfigurationDto, true); RequestContext requestContext = Mockito.mock(RequestContext.class); ArrayList resourceConfigs = new ArrayList<>(); ResourceConfig resourceConfig = Mockito.mock(ResourceConfig.class); AuthenticationConfig authenticationConfig = new AuthenticationConfig(); - JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); - jwtAuthenticationConfig.setHeader("Authorization"); - authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); + Oauth2AuthenticationConfig oauth2AuthenticationConfig = new Oauth2AuthenticationConfig(); + oauth2AuthenticationConfig.setHeader("Authorization"); + authenticationConfig.setOauth2AuthenticationConfig(oauth2AuthenticationConfig); Mockito.when(resourceConfig.getAuthenticationConfig()).thenReturn(authenticationConfig); Mockito.when(resourceConfig.getMethod()).thenReturn(ResourceConfig.HttpMethods.GET); resourceConfigs.add(resourceConfig); @@ -338,7 +338,7 @@ public void testCachedJWTValidator() throws APISecurityException, EnforcerExcept Mockito.when(subscriptionDataStore.getJWTValidatorByIssuer(issuer, environment)).thenReturn(jwtValidator); Mockito.when(jwtValidator.validateToken(Mockito.eq(jwt), Mockito.any())).thenReturn(jwtValidationInfo); keyValidatorDummy.when(() -> KeyValidator.validateScopes(Mockito.any())).thenReturn(true); - AuthenticationContext authenticate = jwtAuthenticator.authenticate(requestContext); + AuthenticationContext authenticate = oauth2Authenticator.authenticate(requestContext); Assert.assertNotNull(authenticate); Assert.assertEquals(authenticate.getConsumerKey(), jwtValidationInfo.getConsumerKey()); Mockito.verify(gatewayKeyCache, Mockito.atLeast(1)).getIfPresent(signature); @@ -367,15 +367,15 @@ public void testNonJTIJWTValidator() throws APISecurityException, EnforcerExcept jwtValidationInfo.setIdentifier(signature); JWTConfigurationDto jwtConfigurationDto = new JWTConfigurationDto(); - JWTAuthenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, true); + Oauth2Authenticator oauth2Authenticator = new Oauth2Authenticator(jwtConfigurationDto, true); RequestContext requestContext = Mockito.mock(RequestContext.class); ArrayList resourceConfigs = new ArrayList<>(); ResourceConfig resourceConfig = Mockito.mock(ResourceConfig.class); AuthenticationConfig authenticationConfig = new AuthenticationConfig(); - JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); - jwtAuthenticationConfig.setHeader("Authorization"); - authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); + Oauth2AuthenticationConfig oauth2AuthenticationConfig = new Oauth2AuthenticationConfig(); + oauth2AuthenticationConfig.setHeader("Authorization"); + authenticationConfig.setOauth2AuthenticationConfig(oauth2AuthenticationConfig); Mockito.when(resourceConfig.getAuthenticationConfig()).thenReturn(authenticationConfig); Mockito.when(resourceConfig.getMethod()).thenReturn(ResourceConfig.HttpMethods.GET); resourceConfigs.add(resourceConfig); @@ -407,7 +407,7 @@ public void testNonJTIJWTValidator() throws APISecurityException, EnforcerExcept .thenReturn(jwtValidator); Mockito.when(jwtValidator.validateToken(Mockito.eq(jwt), Mockito.any())).thenReturn(jwtValidationInfo); keyValidatorDummy.when(() -> KeyValidator.validateScopes(Mockito.any())).thenReturn(true); - AuthenticationContext authenticate = jwtAuthenticator.authenticate(requestContext); + AuthenticationContext authenticate = oauth2Authenticator.authenticate(requestContext); Assert.assertNotNull(authenticate); Assert.assertEquals(authenticate.getConsumerKey(), jwtValidationInfo.getConsumerKey()); Mockito.verify(gatewayKeyCache, Mockito.atLeast(1)).getIfPresent(signature); @@ -442,15 +442,15 @@ public void testExpiredJWTValidator() { jwtValidationInfo.setIdentifier(signature); JWTConfigurationDto jwtConfigurationDto = new JWTConfigurationDto(); - JWTAuthenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, true); + Oauth2Authenticator oauth2Authenticator = new Oauth2Authenticator(jwtConfigurationDto, true); RequestContext requestContext = Mockito.mock(RequestContext.class); ArrayList resourceConfigs = new ArrayList<>(); ResourceConfig resourceConfig = Mockito.mock(ResourceConfig.class); AuthenticationConfig authenticationConfig = new AuthenticationConfig(); - JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); - jwtAuthenticationConfig.setHeader("Authorization"); - authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); + Oauth2AuthenticationConfig oauth2AuthenticationConfig = new Oauth2AuthenticationConfig(); + oauth2AuthenticationConfig.setHeader("Authorization"); + authenticationConfig.setOauth2AuthenticationConfig(oauth2AuthenticationConfig); Mockito.when(resourceConfig.getAuthenticationConfig()).thenReturn(authenticationConfig); Mockito.when(resourceConfig.getMethod()).thenReturn(ResourceConfig.HttpMethods.GET); resourceConfigs.add(resourceConfig); @@ -475,7 +475,7 @@ public void testExpiredJWTValidator() { cacheProviderUtilDummy.when(() -> CacheProviderUtil.getOrganizationCache(organization)).thenReturn(cacheProvider); keyValidatorDummy.when(() -> KeyValidator.validateScopes(Mockito.any())).thenReturn(true); try { - jwtAuthenticator.authenticate(requestContext); + oauth2Authenticator.authenticate(requestContext); Assert.fail("Authentication should fail for expired tokens"); } catch (APISecurityException e) { Assert.assertEquals(e.getMessage(), e.getMessage(), @@ -517,15 +517,15 @@ public void testNoCacheExpiredJWTValidator() throws EnforcerException { jwtValidationInfo.setIdentifier(signature); JWTConfigurationDto jwtConfigurationDto = new JWTConfigurationDto(); - JWTAuthenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, true); + Oauth2Authenticator oauth2Authenticator = new Oauth2Authenticator(jwtConfigurationDto, true); RequestContext requestContext = Mockito.mock(RequestContext.class); ArrayList resourceConfigs = new ArrayList<>(); ResourceConfig resourceConfig = Mockito.mock(ResourceConfig.class); AuthenticationConfig authenticationConfig = new AuthenticationConfig(); - JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); - jwtAuthenticationConfig.setHeader("Authorization"); - authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); + Oauth2AuthenticationConfig oauth2AuthenticationConfig = new Oauth2AuthenticationConfig(); + oauth2AuthenticationConfig.setHeader("Authorization"); + authenticationConfig.setOauth2AuthenticationConfig(oauth2AuthenticationConfig); Mockito.when(resourceConfig.getAuthenticationConfig()).thenReturn(authenticationConfig); Mockito.when(resourceConfig.getMethod()).thenReturn(ResourceConfig.HttpMethods.GET); resourceConfigs.add(resourceConfig); @@ -563,7 +563,7 @@ public void testNoCacheExpiredJWTValidator() throws EnforcerException { keyValidatorDummy.when(() -> KeyValidator.validateScopes(Mockito.any())).thenReturn(true); try { - jwtAuthenticator.authenticate(requestContext); + oauth2Authenticator.authenticate(requestContext); Assert.fail("Authentication should fail for expired tokens"); } catch (APISecurityException e) { Assert.assertEquals(e.getMessage(), APISecurityConstants.API_AUTH_ACCESS_TOKEN_EXPIRED_MESSAGE); @@ -617,15 +617,15 @@ public void testTamperedPayloadJWTValidator() throws EnforcerException { jwtValidationInfo.setIdentifier(signature); JWTConfigurationDto jwtConfigurationDto = new JWTConfigurationDto(); - JWTAuthenticator jwtAuthenticator = new JWTAuthenticator(jwtConfigurationDto, true); + Oauth2Authenticator oauth2Authenticator = new Oauth2Authenticator(jwtConfigurationDto, true); RequestContext requestContext = Mockito.mock(RequestContext.class); ArrayList resourceConfigs = new ArrayList<>(); ResourceConfig resourceConfig = Mockito.mock(ResourceConfig.class); AuthenticationConfig authenticationConfig = new AuthenticationConfig(); - JWTAuthenticationConfig jwtAuthenticationConfig = new JWTAuthenticationConfig(); - jwtAuthenticationConfig.setHeader("Authorization"); - authenticationConfig.setJwtAuthenticationConfig(jwtAuthenticationConfig); + Oauth2AuthenticationConfig oauth2AuthenticationConfig = new Oauth2AuthenticationConfig(); + oauth2AuthenticationConfig.setHeader("Authorization"); + authenticationConfig.setOauth2AuthenticationConfig(oauth2AuthenticationConfig); Mockito.when(resourceConfig.getAuthenticationConfig()).thenReturn(authenticationConfig); Mockito.when(resourceConfig.getMethod()).thenReturn(ResourceConfig.HttpMethods.GET); resourceConfigs.add(resourceConfig); @@ -664,7 +664,7 @@ public void testTamperedPayloadJWTValidator() throws EnforcerException { Mockito.when(jwtValidator.validateToken(Mockito.eq(jwt), Mockito.any())).thenReturn(jwtValidationInfo); keyValidatorDummy.when(() -> KeyValidator.validateScopes(Mockito.any())).thenReturn(true); try { - jwtAuthenticator.authenticate(requestContext); + oauth2Authenticator.authenticate(requestContext); Assert.fail("Authentication should fail for tampered tokens"); } catch (APISecurityException e) { Assert.assertEquals(e.getMessage(), "Invalid JWT token"); diff --git a/helm-charts/crds/dp.wso2.com_authentications.yaml b/helm-charts/crds/dp.wso2.com_authentications.yaml index 1418de8c2c..06c91382d0 100644 --- a/helm-charts/crds/dp.wso2.com_authentications.yaml +++ b/helm-charts/crds/dp.wso2.com_authentications.yaml @@ -275,6 +275,31 @@ spec: type: object nullable: true type: array + jwt: + description: JWT is to specify the JWT authentication scheme + details + properties: + audience: + description: Audience that can invoke a corresponding + API + items: + type: string + type: array + disabled: + default: true + description: Disabled is to disable JWT authentication + type: boolean + header: + default: internal-key + description: Header is the header name used to pass the + JWT + minLength: 1 + type: string + sendTokenToUpstream: + description: SendTokenToUpstream is to specify whether + the JWT should be sent to the upstream + type: boolean + type: object mtls: description: MutualSSL is to specify the features and certificates for mutual SSL @@ -364,21 +389,6 @@ spec: the OAuth2 token should be sent to the upstream type: boolean type: object - testConsoleKey: - description: TestConsoleKey is to specify the Test Console - Key authentication scheme details - properties: - header: - default: internal-key - description: Header is the header name used to pass the - Test Console Key - minLength: 1 - type: string - sendTokenToUpstream: - description: SendTokenToUpstream is to specify whether - the Test Console Key should be sent to the upstream - type: boolean - type: object type: object disabled: description: Disabled is to disable all authentications @@ -417,6 +427,31 @@ spec: type: object nullable: true type: array + jwt: + description: JWT is to specify the JWT authentication scheme + details + properties: + audience: + description: Audience that can invoke a corresponding + API + items: + type: string + type: array + disabled: + default: true + description: Disabled is to disable JWT authentication + type: boolean + header: + default: internal-key + description: Header is the header name used to pass the + JWT + minLength: 1 + type: string + sendTokenToUpstream: + description: SendTokenToUpstream is to specify whether + the JWT should be sent to the upstream + type: boolean + type: object mtls: description: MutualSSL is to specify the features and certificates for mutual SSL @@ -506,21 +541,6 @@ spec: the OAuth2 token should be sent to the upstream type: boolean type: object - testConsoleKey: - description: TestConsoleKey is to specify the Test Console - Key authentication scheme details - properties: - header: - default: internal-key - description: Header is the header name used to pass the - Test Console Key - minLength: 1 - type: string - sendTokenToUpstream: - description: SendTokenToUpstream is to specify whether - the Test Console Key should be sent to the upstream - type: boolean - type: object type: object disabled: description: Disabled is to disable all authentications