Skip to content

Commit

Permalink
Improve code
Browse files Browse the repository at this point in the history
  • Loading branch information
Tharsanan1 committed Mar 4, 2024
1 parent b552c32 commit bb8590a
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 21 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -18,18 +18,21 @@

package org.wso2.apk.enforcer.commons.model;

import java.util.ArrayList;
import java.util.List;

/**
* Defines JWT authentication config structure.
*/
public class JWTAuthenticationConfig {
private String Header;
private String header;
private boolean sendTokenToUpstream;
private ArrayList<String> audience;
private List<String> audience;
public String getHeader() {
return Header;
return header;
}

public void setHeader(String header) {
Header = header;
this.header = header;
}

public boolean isSendTokenToUpstream() {
Expand All @@ -40,11 +43,11 @@ public void setSendTokenToUpstream(boolean sendTokenToUpstream) {
this.sendTokenToUpstream = sendTokenToUpstream;
}

public ArrayList<String> getAudience() {
public List<String> getAudience() {
return audience;
}

public void setAudience(ArrayList<String> audience) {
public void setAudience(List<String> audience) {
this.audience = audience;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -18,16 +18,19 @@

package org.wso2.apk.enforcer.commons.model;

/**
* Defines OAuth2 authentication config structure.
*/
public class Oauth2AuthenticationConfig {
private String Header;
private String header;
private boolean sendTokenToUpstream;

public String getHeader() {
return Header;
return header;
}

public void setHeader(String header) {
Header = header;
this.header = header;
}

public boolean isSendTokenToUpstream() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,7 @@ private static JWTAuthenticationConfig getJwtAuthenticationConfig(Operation oper
jwtAuthenticationConfig.setHeader(operation.getApiAuthentication().getJwt().getHeader());
jwtAuthenticationConfig.setSendTokenToUpstream(operation.getApiAuthentication().getJwt()
.getSendTokenToUpstream());
ArrayList<String> audience = new ArrayList<>();
List<String> audience = new ArrayList<>();
for (int i = 0; i < operation.getApiAuthentication().getJwt().getAudienceCount(); i++) {
audience.add(operation.getApiAuthentication().getJwt().getAudience(i));
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@
import org.wso2.apk.enforcer.security.jwt.validator.RevokedJWTDataHolder;
import org.wso2.apk.enforcer.server.RevokedTokenRedisClient;
import org.wso2.apk.enforcer.subscription.SubscriptionDataHolder;
import org.wso2.apk.enforcer.subscription.SubscriptionDataStore;
import org.wso2.apk.enforcer.tracing.TracingConstants;
import org.wso2.apk.enforcer.tracing.TracingSpan;
import org.wso2.apk.enforcer.tracing.TracingTracer;
Expand Down Expand Up @@ -131,9 +132,9 @@ public AuthenticationContext authenticate(RequestContext requestContext) throws
if (validationInfo.isValid()) {
List<String> audFromAPI = getAudience(requestContext.getMatchedResourcePaths());
List<String> audFromToken = validationInfo.getAudience();
if (!checkAllExist(audFromAPI, audFromToken)) {
if (!checkAnyExist(audFromAPI, audFromToken)) {
throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(),
APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Required audience not available in the JWT aud.");
APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE);
}
Map<String, Object> claims = validationInfo.getClaims();
// Validate token type
Expand Down Expand Up @@ -267,8 +268,8 @@ private String getTokenHeader(ArrayList<ResourceConfig> matchedResourceConfigs)
return "";
}

private ArrayList<String> getAudience(ArrayList<ResourceConfig> matchedResourceConfigs) {
ArrayList<String> audience = new ArrayList<>();
private List<String> getAudience(ArrayList<ResourceConfig> matchedResourceConfigs) {
List<String> audience = new ArrayList<>();
for (ResourceConfig resourceConfig : matchedResourceConfigs) {
if (resourceConfig.getAuthenticationConfig() != null &&
resourceConfig.getAuthenticationConfig().getJwtAuthenticationConfig() != null) {
Expand Down Expand Up @@ -525,12 +526,13 @@ private Boolean isJWTExpired(JWTValidationInfo payload) {
}

/**
* Checks if all elements in the first list are present in the second list.
* @param list1 The list of elements to check.
* @param list2 The list in which to check for the elements.
* @return True if all elements in list1 are present in list2, false otherwise.
* Checks if at least one element from list1 exists in list2.
*
* @param list1 The first list to check.
* @param list2 The second list to check against.
* @return true if at least one element from list1 exists in list2, otherwise false.
*/
public static boolean checkAllExist(List<String> list1, List<String> list2) {
return list1.stream().allMatch(list2::contains);
public static boolean checkAnyExist(List<String> list1, List<String> list2) {
return list1.stream().anyMatch(list2::contains);
}
}

0 comments on commit bb8590a

Please sign in to comment.