[XAPID-1037] refactor | make object based methods
diff --git a/api.go b/api.go index 6b2909f..07ecacd 100644 --- a/api.go +++ b/api.go
@@ -18,20 +18,19 @@ "database/sql" "encoding/json" "errors" - "github.com/30x/apid-core" "io" "io/ioutil" "net/http" "strconv" "strings" - "unicode/utf8" ) type apiManagerInterface interface { InitAPI() - //addChangedDeployment(string) - //distributeEvents() + handleRequest(w http.ResponseWriter, r *http.Request) + verifyAPIKey(verifyApiKeyReq VerifyApiKeyRequest) ([]byte, error) } + type apiManager struct { dbMan dbManagerInterface verifiersEndpoint string @@ -48,14 +47,14 @@ } // handle client API -func (a *apiManager) handleRequest(w http.ResponseWriter, r *http.Request) { +func (apiManager *apiManager) handleRequest(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") verifyApiKeyReq, err := validateRequest(r.Body, w) if err != nil { return } - b, err := verifyAPIKey(verifyApiKeyReq, a.dbMan.getDb()) + b, err := apiManager.verifyAPIKey(verifyApiKeyReq) if err != nil { respStatusCode, atoierr := strconv.Atoi(err.Error()) @@ -64,9 +63,12 @@ } else { w.WriteHeader(respStatusCode) } + // TODO : discuss and finalize on error codes. + w.WriteHeader(http.StatusBadRequest) } log.Debugf("handleVerifyAPIKey result %s", b) + w.Write(b) return } @@ -91,7 +93,7 @@ log.Debug(verifyApiKeyReq) // 2. verify params - if verifyApiKeyReq.Action == "" || verifyApiKeyReq.ApiProxyName == "" || verifyApiKeyReq.EnvironmentName == "" || verifyApiKeyReq.Key == "" { + if verifyApiKeyReq.Action == "" || verifyApiKeyReq.ApiProxyName == "" || verifyApiKeyReq.OrganizationName == "" || verifyApiKeyReq.EnvironmentName == "" || verifyApiKeyReq.Key == "" { // TODO : set correct fields in error response errorResponse := errorResponse("Bad_REQUEST", "Missing element") w.WriteHeader(http.StatusBadRequest) @@ -102,29 +104,20 @@ } // returns []byte to be written to client -func verifyAPIKey(verifyApiKeyReq VerifyApiKeyRequest, db apid.DB) ([]byte, error) { +func (apiM apiManager) verifyAPIKey(verifyApiKeyReq VerifyApiKeyRequest) ([]byte, error) { - /* these fields need to be nullable types for scanning. This is because when using json snapshots, - and therefore being responsible for inserts, we were able to default everything to be not null. With - sqlite snapshots, we are not necessarily guaranteed that - */ - var finalDeveloperDetails DeveloperDetails - var companyDetails CompanyDetails - var cType, tenantId sql.NullString + dataWrapper := VerifyApiKeyRequestResponseDataWrapper{ + verifyApiKeyRequest: verifyApiKeyReq, + } + dataWrapper.verifyApiKeySuccessResponse.ClientId.ClientId = verifyApiKeyReq.Key - tempDeveloperDetails := DeveloperDetails{} - appDetails := AppDetails{} - apiProductDetails := ApiProductDetails{} - clientIdDetails := ClientIdDetails{} - clientIdDetails.ClientId = verifyApiKeyReq.Key - - err := getApiKeyDetails(db, verifyApiKeyReq, &cType, &tenantId, &tempDeveloperDetails, &appDetails, &apiProductDetails, &clientIdDetails) + err := apiM.dbMan.getApiKeyDetails(&dataWrapper) switch { case err == sql.ErrNoRows: reason := "API Key verify failed for (" + verifyApiKeyReq.Key + ", " + verifyApiKeyReq.OrganizationName + ")" errorCode := "oauth.v2.InvalidApiKey" - return errorResponse(reason, errorCode), errors.New(strconv.Itoa(http.StatusUnauthorized)) + return errorResponse(reason, errorCode), errors.New(strconv.Itoa(http.StatusBadRequest)) case err != nil: reason := err.Error() @@ -133,51 +126,43 @@ } /* - * Perform all validations related to the Query made with the data - * we just retrieved + * Perform all validations */ - errResponse, err := performValidations(verifyApiKeyReq, clientIdDetails, appDetails, tempDeveloperDetails, apiProductDetails, cType) - + errResponse, err := apiM.performValidations(dataWrapper) if errResponse != nil { return errResponse, err } - enrichAttributes(db, tenantId.String, &clientIdDetails, &appDetails, &tempDeveloperDetails, &apiProductDetails) + apiM.enrichAttributes(dataWrapper) - if cType.String == "developer" { - finalDeveloperDetails = tempDeveloperDetails + if dataWrapper.ctype == "developer" { + dataWrapper.verifyApiKeySuccessResponse.Developer = dataWrapper.tempDeveloperDetails } else { - companyDetails = CompanyDetails{ - Id: tempDeveloperDetails.Id, - DisplayName: tempDeveloperDetails.UserName, - Status: tempDeveloperDetails.Status, - CreatedAt: tempDeveloperDetails.CreatedAt, - CreatedBy: tempDeveloperDetails.CreatedBy, - LastmodifiedAt: tempDeveloperDetails.LastmodifiedAt, - LastmodifiedBy: tempDeveloperDetails.LastmodifiedBy, - Attributes: tempDeveloperDetails.Attributes, + dataWrapper.verifyApiKeySuccessResponse.Company = CompanyDetails{ + Id: dataWrapper.tempDeveloperDetails.Id, + DisplayName: dataWrapper.tempDeveloperDetails.UserName, + Status: dataWrapper.tempDeveloperDetails.Status, + CreatedAt: dataWrapper.tempDeveloperDetails.CreatedAt, + CreatedBy: dataWrapper.tempDeveloperDetails.CreatedBy, + LastmodifiedAt: dataWrapper.tempDeveloperDetails.LastmodifiedAt, + LastmodifiedBy: dataWrapper.tempDeveloperDetails.LastmodifiedBy, + Attributes: dataWrapper.tempDeveloperDetails.Attributes, } - } - resp := VerifyApiKeySuccessResponse{ - ClientId: clientIdDetails, - Organization: verifyApiKeyReq.OrganizationName, - Environment: verifyApiKeyReq.EnvironmentName, - Developer: finalDeveloperDetails, - Company: companyDetails, - App: appDetails, - ApiProduct: apiProductDetails, - // Identifier of the authorization code. This will be unique for each request. - Identifier: verifyApiKeyReq.Key, // TODO : what is this ????? - Kind: "Collection", // TODO : what is this ???? - - } + resp := dataWrapper.verifyApiKeySuccessResponse return json.Marshal(resp) } -func performValidations(verifyApiKeyReq VerifyApiKeyRequest, clientIdDetails ClientIdDetails, appDetails AppDetails, tempDeveloperDetails DeveloperDetails, apiProductDetails ApiProductDetails, cType sql.NullString) ([]byte, error) { +func (apiM apiManager) performValidations(dataWrapper VerifyApiKeyRequestResponseDataWrapper) ([]byte, error) { + clientIdDetails := dataWrapper.verifyApiKeySuccessResponse.ClientId + verifyApiKeyReq := dataWrapper.verifyApiKeyRequest + appDetails := dataWrapper.verifyApiKeySuccessResponse.App + tempDeveloperDetails := dataWrapper.tempDeveloperDetails + cType := dataWrapper.ctype + apiProductDetails := dataWrapper.verifyApiKeySuccessResponse.ApiProduct + if !strings.EqualFold("APPROVED", clientIdDetails.Status) { reason := "API Key verify failed for (" + verifyApiKeyReq.Key + ", " + verifyApiKeyReq.OrganizationName + ")" errorCode := "oauth.v2.ApiKeyNotApproved" @@ -193,13 +178,13 @@ if !strings.EqualFold("ACTIVE", tempDeveloperDetails.Status) { reason := "API Key verify failed for (" + verifyApiKeyReq.Key + ", " + verifyApiKeyReq.OrganizationName + ")" errorCode := "keymanagement.service.DeveloperStatusNotActive" - if cType.String == "company" { + if cType == "company" { errorCode = "keymanagement.service.CompanyStatusNotActive" } return errorResponse(reason, errorCode), errors.New(strconv.Itoa(http.StatusUnauthorized)) } - result := validatePathRegex(apiProductDetails.Resources, verifyApiKeyReq.UriPath) + result := validatePath(apiProductDetails.Resources, verifyApiKeyReq.UriPath) if result == false { reason := "Path Validation Failed (" + strings.Join(apiProductDetails.Resources, ", ") + " vs " + verifyApiKeyReq.UriPath + ")" errorCode := "oauth.v2.InvalidApiKeyForGivenResource" @@ -232,43 +217,16 @@ return false } -func enrichAttributes(db apid.DB, tenantId string, clientIdDetails *ClientIdDetails, appDetails *AppDetails, tempDeveloperDetails *DeveloperDetails, apiProductDetails *ApiProductDetails) { - clientIdAttributes := getKmsAttributes(db, tenantId, clientIdDetails.ClientId) - developerAttributes := getKmsAttributes(db, tenantId, tempDeveloperDetails.Id) - appAttributes := getKmsAttributes(db, tenantId, appDetails.Id) - apiProductAttributes := getKmsAttributes(db, tenantId, apiProductDetails.Id) +func (a *apiManager) enrichAttributes(dataWrapper VerifyApiKeyRequestResponseDataWrapper) { + clientIdAttributes := a.dbMan.getKmsAttributes(dataWrapper.tenant_id, dataWrapper.verifyApiKeySuccessResponse.ClientId.ClientId) + developerAttributes := a.dbMan.getKmsAttributes(dataWrapper.tenant_id, dataWrapper.tempDeveloperDetails.Id) + appAttributes := a.dbMan.getKmsAttributes(dataWrapper.tenant_id, dataWrapper.verifyApiKeySuccessResponse.App.Id) + apiProductAttributes := a.dbMan.getKmsAttributes(dataWrapper.tenant_id, dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Id) - clientIdDetails.Attributes = clientIdAttributes - appDetails.Attributes = appAttributes - apiProductDetails.Attributes = apiProductAttributes - tempDeveloperDetails.Attributes = developerAttributes -} -func getKmsAttributes(db apid.DB, tenantId string, entityId string) []Attribute { - - var attName, attValue sql.NullString - sql := "select name, value from kms_attributes where tenant_id = $1 and entity_id = $2" - attributesForQuery := []Attribute{} - attributes, err := db.Query(sql, tenantId, entityId) - if err != nil { - log.Error("Error while fetching attributes for tenant id : %s and entityId : %s", tenantId, entityId, err) - return attributesForQuery - } - - for attributes.Next() { - err := attributes.Scan( - &attName, - &attValue, - ) - if err != nil { - log.Error("error fetching attributes for entityid ", entityId, err) - } - if attName.String != "" { - att := Attribute{Name: attName.String, Value: attValue.String} - attributesForQuery = append(attributesForQuery, att) - } - } - log.Debug("attributes returned for query ", sql, " are ", attributesForQuery, tenantId, entityId) - return attributesForQuery + dataWrapper.verifyApiKeySuccessResponse.ClientId.Attributes = clientIdAttributes + dataWrapper.verifyApiKeySuccessResponse.App.Attributes = appAttributes + dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Attributes = apiProductAttributes + dataWrapper.tempDeveloperDetails.Attributes = developerAttributes } func errorResponse(reason, errorCode string) []byte { @@ -284,219 +242,3 @@ ret, _ := json.Marshal(resp) return ret } - -func getApiKeyDetails(db apid.DB, verifyApiKeyReq VerifyApiKeyRequest, cType, tenantId *sql.NullString, tempDeveloperDetails *DeveloperDetails, appDetails *AppDetails, apiProductDetails *ApiProductDetails, clientIdDetails *ClientIdDetails) error { - - var proxies, environments, resources string - sSql := ` - SELECT - COALESCE("developer","") as ctype, - COALESCE(c.tenant_id,""), - - COALESCE(c.status,""), - COALESCE(c.consumer_secret,""), - - COALESCE(ad.id,"") as dev_id, - COALESCE(ad.username,"") as dev_username, - COALESCE(ad.first_name,"") as dev_first_name, - COALESCE(ad.last_name,"") as dev_last_name, - COALESCE(ad.email,"") as dev_email, - COALESCE(ad.status,"") as dev_status, - COALESCE(ad.created_at,"") as dev_created_at, - COALESCE(ad.created_by,"") as dev_created_by, - COALESCE(ad.updated_at,"") as dev_updated_at, - COALESCE(ad.updated_by,"") as dev_updated_by, - - COALESCE(a.id,"") as app_id, - COALESCE(a.name,"") as app_name, - COALESCE(a.access_type,"") as app_access_type, - COALESCE(a.callback_url,"") as app_callback_url, - COALESCE(a.display_name,"") as app_display_name, - COALESCE(a.status,"") as app_status, - COALESCE(a.app_family,"") as app_app_family, - COALESCE(a.company_id,"") as app_company_id, - COALESCE(a.created_at,"") as app_created_at, - COALESCE(a.created_by,"") as app_created_by, - COALESCE(a.updated_at,"") as app_updated_at, - COALESCE(a.updated_by,"") as app_updated_by, - - COALESCE(ap.id,"") as prod_id, - COALESCE(ap.name,"") as prod_name, - COALESCE(ap.display_name,"") as prod_display_name, - COALESCE(ap.quota,"") as prod_quota, - COALESCE(ap.quota_interval, 0) as prod_quota_interval, - COALESCE(ap.quota_time_unit,"") as prod_quota_time_unit, - COALESCE(ap.created_at,"") as prod_created_at, - COALESCE(ap.created_by,"") as prod_created_by, - COALESCE(ap.updated_at,"") as prod_updated_at, - COALESCE(ap.updated_by,"") as prod_updated_by, - COALESCE(ap.proxies,"") as prod_proxies, - COALESCE(ap.environments,"") as prod_environments, - COALESCE(ap.api_resources,"") as prod_resources - FROM - KMS_APP_CREDENTIAL AS c - INNER JOIN KMS_APP AS a - ON c.app_id = a.id - INNER JOIN KMS_DEVELOPER AS ad - ON ad.id = a.developer_id - INNER JOIN KMS_APP_CREDENTIAL_APIPRODUCT_MAPPER as mp - ON mp.appcred_id = c.id - INNER JOIN KMS_API_PRODUCT as ap - ON ap.id = mp.apiprdt_id - INNER JOIN KMS_ORGANIZATION AS o - ON o.tenant_id = c.tenant_id - WHERE (mp.apiprdt_id = ap.id - AND mp.app_id = a.id - AND mp.appcred_id = c.id - AND c.id = $1 - AND o.name = $2) - UNION ALL - SELECT - COALESCE("company","") as ctype, - COALESCE(c.tenant_id,""), - - COALESCE(c.status,""), - COALESCE(c.consumer_secret,""), - - COALESCE(ad.id,"") as dev_id, - COALESCE(ad.display_name,"") as dev_username, - COALESCE("","") as dev_first_name, - COALESCE("","") as dev_last_name, - COALESCE("","") as dev_email, - COALESCE(ad.status,"") as dev_status, - COALESCE(ad.created_at,"") as dev_created_at, - COALESCE(ad.created_by,"") as dev_created_by, - COALESCE(ad.updated_at,"") as dev_updated_at, - COALESCE(ad.updated_by,"") as dev_updated_by, - - COALESCE(a.id,"") as app_id, - COALESCE(a.name,"") as app_name, - COALESCE(a.access_type,"") as app_access_type, - COALESCE(a.callback_url,"") as app_callback_url, - COALESCE(a.display_name,"") as app_display_name, - COALESCE(a.status,"") as app_status, - COALESCE(a.app_family,"") as app_app_family, - COALESCE(a.company_id,"") as app_company_id, - COALESCE(a.created_at,"") as app_created_at, - COALESCE(a.created_by,"") as app_created_by, - COALESCE(a.updated_at,"") as app_updated_at, - COALESCE(a.updated_by,"") as app_updated_by, - - COALESCE(ap.id,"") as prod_id, - COALESCE(ap.name,"") as prod_name, - COALESCE(ap.display_name,"") as prod_display_name, - COALESCE(ap.quota,"") as prod_quota, - COALESCE(ap.quota_interval,0) as prod_quota_interval, - COALESCE(ap.quota_time_unit,"") as prod_quota_time_unit, - COALESCE(ap.created_at,"") as prod_created_at, - COALESCE(ap.created_by,"") as prod_created_by, - COALESCE(ap.updated_at,"") as prod_updated_at, - COALESCE(ap.updated_by,"") as prod_updated_by, - COALESCE(ap.proxies,"") as prod_proxies, - COALESCE(ap.environments,"") as prod_environments, - COALESCE(ap.api_resources,"") as prod_resources - - FROM - KMS_APP_CREDENTIAL AS c - INNER JOIN KMS_APP AS a - ON c.app_id = a.id - INNER JOIN KMS_COMPANY AS ad - ON ad.id = a.company_id - INNER JOIN KMS_APP_CREDENTIAL_APIPRODUCT_MAPPER as mp - ON mp.appcred_id = c.id - INNER JOIN KMS_API_PRODUCT as ap - ON ap.id = mp.apiprdt_id - INNER JOIN KMS_ORGANIZATION AS o - ON o.tenant_id = c.tenant_id - WHERE (mp.apiprdt_id = ap.id - AND mp.app_id = a.id - AND mp.appcred_id = c.id - AND c.id = $1 - AND o.name = $2) - ;` - - //cid,csecret,did,dusername,dfirstname,dlastname,demail,dstatus,dcreated_at,dcreated_by,dlast_modified_at,dlast_modified_by, aid,aname,aaccesstype,acallbackurl,adisplay_name,astatus,aappfamily, acompany,acreated_at,acreated_by,alast_modified_at,alast_modified_by,pid,pname,pdisplayname,pquota_limit,pqutoainterval,pquotatimeout,pcreated_at,pcreated_by,plast_modified_at,plast_modified_by sql.NullString - - err := db.QueryRow(sSql, verifyApiKeyReq.Key, verifyApiKeyReq.OrganizationName). - Scan( - cType, - tenantId, - &clientIdDetails.Status, - &clientIdDetails.ClientSecret, - - &tempDeveloperDetails.Id, - &tempDeveloperDetails.UserName, - &tempDeveloperDetails.FirstName, - &tempDeveloperDetails.LastName, - &tempDeveloperDetails.Email, - &tempDeveloperDetails.Status, - &tempDeveloperDetails.CreatedAt, - &tempDeveloperDetails.CreatedBy, - &tempDeveloperDetails.LastmodifiedAt, - &tempDeveloperDetails.LastmodifiedBy, - - &appDetails.Id, - &appDetails.Name, - &appDetails.AccessType, - &appDetails.CallbackUrl, - &appDetails.DisplayName, - &appDetails.Status, - &appDetails.AppFamily, - &appDetails.Company, - &appDetails.CreatedAt, - &appDetails.CreatedBy, - &appDetails.LastmodifiedAt, - &appDetails.LastmodifiedBy, - - &apiProductDetails.Id, - &apiProductDetails.Name, - &apiProductDetails.DisplayName, - &apiProductDetails.QuotaLimit, - &apiProductDetails.QuotaInterval, - &apiProductDetails.QuotaTimeunit, - &apiProductDetails.CreatedAt, - &apiProductDetails.CreatedBy, - &apiProductDetails.LastmodifiedAt, - &apiProductDetails.LastmodifiedBy, - &proxies, - &environments, - &resources, - ) - - if err != nil { - log.Error("error fetching verify apikey details", err) - } - - if err := json.Unmarshal([]byte(proxies), &apiProductDetails.Apiproxies); err != nil { - log.Debug("unmarshall error for proxies, performing custom unmarshal ", proxies, err) - - apiProductDetails.Apiproxies = splitMalformedJson(proxies) - - } - if err := json.Unmarshal([]byte(environments), &apiProductDetails.Environments); err != nil { - log.Debug("unmarshall error for proxies, performing custom unmarshal ", environments, err) - apiProductDetails.Environments = splitMalformedJson(environments) - - } - if err := json.Unmarshal([]byte(resources), &apiProductDetails.Resources); err != nil { - log.Debug("unmarshall error for proxies, performing custom unmarshal ", resources, err) - apiProductDetails.Resources = splitMalformedJson(resources) - - } - - if appDetails.CallbackUrl != "" { - clientIdDetails.RedirectURIs = []string{appDetails.CallbackUrl} - } - - return err -} - -func splitMalformedJson(fjson string) []string { - var fs []string - s := strings.TrimPrefix(fjson, "{") - s = strings.TrimSuffix(s, "}") - if utf8.RuneCountInString(s) > 0 { - fs = strings.Split(s, ",") - } - return fs -}
diff --git a/data.go b/data.go index e754e11..47581c0 100644 --- a/data.go +++ b/data.go
@@ -14,9 +14,13 @@ package apidVerifyApiKey import ( + "database/sql" + "encoding/json" "errors" "github.com/30x/apid-core" + "strings" "sync" + "unicode/utf8" ) type dbManager struct { @@ -53,4 +57,255 @@ setDbVersion(string) initDb() error getDb() apid.DB + getKmsAttributes(tenantId string, entityId string) []Attribute + getApiKeyDetails(dataWrapper *VerifyApiKeyRequestResponseDataWrapper) error +} + +func (dbc *dbManager) getKmsAttributes(tenantId string, entityId string) []Attribute { + + db := dbc.db + var attName, attValue sql.NullString + sql := "select name, value from kms_attributes where tenant_id = $1 and entity_id = $2" + attributesForQuery := []Attribute{} + attributes, err := db.Query(sql, tenantId, entityId) + if err != nil { + log.Error("Error while fetching attributes for tenant id : %s and entityId : %s", tenantId, entityId, err) + return attributesForQuery + } + + for attributes.Next() { + err := attributes.Scan( + &attName, + &attValue, + ) + if err != nil { + log.Error("error fetching attributes for entityid ", entityId, err) + } + if attName.String != "" { + att := Attribute{Name: attName.String, Value: attValue.String} + attributesForQuery = append(attributesForQuery, att) + } + } + log.Debug("attributes returned for query ", sql, " are ", attributesForQuery, tenantId, entityId) + return attributesForQuery +} + +func (dbc dbManager) getApiKeyDetails(dataWrapper *VerifyApiKeyRequestResponseDataWrapper) error { + + db := dbc.db + var proxies, environments, resources string + sSql := ` + SELECT + COALESCE("developer","") as ctype, + COALESCE(c.tenant_id,""), + + COALESCE(c.status,""), + COALESCE(c.consumer_secret,""), + + COALESCE(ad.id,"") as dev_id, + COALESCE(ad.username,"") as dev_username, + COALESCE(ad.first_name,"") as dev_first_name, + COALESCE(ad.last_name,"") as dev_last_name, + COALESCE(ad.email,"") as dev_email, + COALESCE(ad.status,"") as dev_status, + COALESCE(ad.created_at,"") as dev_created_at, + COALESCE(ad.created_by,"") as dev_created_by, + COALESCE(ad.updated_at,"") as dev_updated_at, + COALESCE(ad.updated_by,"") as dev_updated_by, + + COALESCE(a.id,"") as app_id, + COALESCE(a.name,"") as app_name, + COALESCE(a.access_type,"") as app_access_type, + COALESCE(a.callback_url,"") as app_callback_url, + COALESCE(a.display_name,"") as app_display_name, + COALESCE(a.status,"") as app_status, + COALESCE(a.app_family,"") as app_app_family, + COALESCE(a.company_id,"") as app_company_id, + COALESCE(a.created_at,"") as app_created_at, + COALESCE(a.created_by,"") as app_created_by, + COALESCE(a.updated_at,"") as app_updated_at, + COALESCE(a.updated_by,"") as app_updated_by, + + COALESCE(ap.id,"") as prod_id, + COALESCE(ap.name,"") as prod_name, + COALESCE(ap.display_name,"") as prod_display_name, + COALESCE(ap.quota,"") as prod_quota, + COALESCE(ap.quota_interval, 0) as prod_quota_interval, + COALESCE(ap.quota_time_unit,"") as prod_quota_time_unit, + COALESCE(ap.created_at,"") as prod_created_at, + COALESCE(ap.created_by,"") as prod_created_by, + COALESCE(ap.updated_at,"") as prod_updated_at, + COALESCE(ap.updated_by,"") as prod_updated_by, + COALESCE(ap.proxies,"") as prod_proxies, + COALESCE(ap.environments,"") as prod_environments, + COALESCE(ap.api_resources,"") as prod_resources + FROM + KMS_APP_CREDENTIAL AS c + INNER JOIN KMS_APP AS a + ON c.app_id = a.id + INNER JOIN KMS_DEVELOPER AS ad + ON ad.id = a.developer_id + INNER JOIN KMS_APP_CREDENTIAL_APIPRODUCT_MAPPER as mp + ON mp.appcred_id = c.id + INNER JOIN KMS_API_PRODUCT as ap + ON ap.id = mp.apiprdt_id + INNER JOIN KMS_ORGANIZATION AS o + ON o.tenant_id = c.tenant_id + WHERE (mp.apiprdt_id = ap.id + AND mp.app_id = a.id + AND mp.appcred_id = c.id + AND c.id = $1 + AND o.name = $2) + UNION ALL + SELECT + COALESCE("company","") as ctype, + COALESCE(c.tenant_id,""), + + COALESCE(c.status,""), + COALESCE(c.consumer_secret,""), + + COALESCE(ad.id,"") as dev_id, + COALESCE(ad.display_name,"") as dev_username, + COALESCE("","") as dev_first_name, + COALESCE("","") as dev_last_name, + COALESCE("","") as dev_email, + COALESCE(ad.status,"") as dev_status, + COALESCE(ad.created_at,"") as dev_created_at, + COALESCE(ad.created_by,"") as dev_created_by, + COALESCE(ad.updated_at,"") as dev_updated_at, + COALESCE(ad.updated_by,"") as dev_updated_by, + + COALESCE(a.id,"") as app_id, + COALESCE(a.name,"") as app_name, + COALESCE(a.access_type,"") as app_access_type, + COALESCE(a.callback_url,"") as app_callback_url, + COALESCE(a.display_name,"") as app_display_name, + COALESCE(a.status,"") as app_status, + COALESCE(a.app_family,"") as app_app_family, + COALESCE(a.company_id,"") as app_company_id, + COALESCE(a.created_at,"") as app_created_at, + COALESCE(a.created_by,"") as app_created_by, + COALESCE(a.updated_at,"") as app_updated_at, + COALESCE(a.updated_by,"") as app_updated_by, + + COALESCE(ap.id,"") as prod_id, + COALESCE(ap.name,"") as prod_name, + COALESCE(ap.display_name,"") as prod_display_name, + COALESCE(ap.quota,"") as prod_quota, + COALESCE(ap.quota_interval,0) as prod_quota_interval, + COALESCE(ap.quota_time_unit,"") as prod_quota_time_unit, + COALESCE(ap.created_at,"") as prod_created_at, + COALESCE(ap.created_by,"") as prod_created_by, + COALESCE(ap.updated_at,"") as prod_updated_at, + COALESCE(ap.updated_by,"") as prod_updated_by, + COALESCE(ap.proxies,"") as prod_proxies, + COALESCE(ap.environments,"") as prod_environments, + COALESCE(ap.api_resources,"") as prod_resources + + FROM + KMS_APP_CREDENTIAL AS c + INNER JOIN KMS_APP AS a + ON c.app_id = a.id + INNER JOIN KMS_COMPANY AS ad + ON ad.id = a.company_id + INNER JOIN KMS_APP_CREDENTIAL_APIPRODUCT_MAPPER as mp + ON mp.appcred_id = c.id + INNER JOIN KMS_API_PRODUCT as ap + ON ap.id = mp.apiprdt_id + INNER JOIN KMS_ORGANIZATION AS o + ON o.tenant_id = c.tenant_id + WHERE (mp.apiprdt_id = ap.id + AND mp.app_id = a.id + AND mp.appcred_id = c.id + AND c.id = $1 + AND o.name = $2) + ;` + + //cid,csecret,did,dusername,dfirstname,dlastname,demail,dstatus,dcreated_at,dcreated_by,dlast_modified_at,dlast_modified_by, aid,aname,aaccesstype,acallbackurl,adisplay_name,astatus,aappfamily, acompany,acreated_at,acreated_by,alast_modified_at,alast_modified_by,pid,pname,pdisplayname,pquota_limit,pqutoainterval,pquotatimeout,pcreated_at,pcreated_by,plast_modified_at,plast_modified_by sql.NullString + + err := db.QueryRow(sSql, dataWrapper.verifyApiKeyRequest.Key, dataWrapper.verifyApiKeyRequest.OrganizationName). + Scan( + &dataWrapper.ctype, + &dataWrapper.tenant_id, + &dataWrapper.verifyApiKeySuccessResponse.ClientId.Status, + &dataWrapper.verifyApiKeySuccessResponse.ClientId.ClientSecret, + + &dataWrapper.tempDeveloperDetails.Id, + &dataWrapper.tempDeveloperDetails.UserName, + &dataWrapper.tempDeveloperDetails.FirstName, + &dataWrapper.tempDeveloperDetails.LastName, + &dataWrapper.tempDeveloperDetails.Email, + &dataWrapper.tempDeveloperDetails.Status, + &dataWrapper.tempDeveloperDetails.CreatedAt, + &dataWrapper.tempDeveloperDetails.CreatedBy, + &dataWrapper.tempDeveloperDetails.LastmodifiedAt, + &dataWrapper.tempDeveloperDetails.LastmodifiedBy, + + &dataWrapper.verifyApiKeySuccessResponse.App.Id, + &dataWrapper.verifyApiKeySuccessResponse.App.Name, + &dataWrapper.verifyApiKeySuccessResponse.App.AccessType, + &dataWrapper.verifyApiKeySuccessResponse.App.CallbackUrl, + &dataWrapper.verifyApiKeySuccessResponse.App.DisplayName, + &dataWrapper.verifyApiKeySuccessResponse.App.Status, + &dataWrapper.verifyApiKeySuccessResponse.App.AppFamily, + &dataWrapper.verifyApiKeySuccessResponse.App.Company, + &dataWrapper.verifyApiKeySuccessResponse.App.CreatedAt, + &dataWrapper.verifyApiKeySuccessResponse.App.CreatedBy, + &dataWrapper.verifyApiKeySuccessResponse.App.LastmodifiedAt, + &dataWrapper.verifyApiKeySuccessResponse.App.LastmodifiedBy, + + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Id, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Name, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.DisplayName, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.QuotaLimit, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.QuotaInterval, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.QuotaTimeunit, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.CreatedAt, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.CreatedBy, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.LastmodifiedAt, + &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.LastmodifiedBy, + &proxies, + &environments, + &resources, + ) + + if err != nil { + log.Error("error fetching verify apikey details", err) + return err + } + + if err := json.Unmarshal([]byte(proxies), &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Apiproxies); err != nil { + log.Debug("unmarshall error for proxies, performing custom unmarshal ", proxies, err) + + dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Apiproxies = splitMalformedJson(proxies) + + } + if err := json.Unmarshal([]byte(environments), &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Environments); err != nil { + log.Debug("unmarshall error for proxies, performing custom unmarshal ", environments, err) + dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Environments = splitMalformedJson(environments) + + } + if err := json.Unmarshal([]byte(resources), &dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Resources); err != nil { + log.Debug("unmarshall error for proxies, performing custom unmarshal ", resources, err) + dataWrapper.verifyApiKeySuccessResponse.ApiProduct.Resources = splitMalformedJson(resources) + + } + + if dataWrapper.verifyApiKeySuccessResponse.App.CallbackUrl != "" { + dataWrapper.verifyApiKeySuccessResponse.ClientId.RedirectURIs = []string{dataWrapper.verifyApiKeySuccessResponse.App.CallbackUrl} + } + + log.Debug("dataWrapper : ", dataWrapper) + + return err +} + +func splitMalformedJson(fjson string) []string { + var fs []string + s := strings.TrimPrefix(fjson, "{") + s = strings.TrimSuffix(s, "}") + if utf8.RuneCountInString(s) > 0 { + fs = strings.Split(s, ",") + } + return fs }
diff --git a/validate_path.go b/validate_path.go index f213bd8..c03080f 100644 --- a/validate_path.go +++ b/validate_path.go
@@ -25,39 +25,7 @@ * "**" gets de-normalized as ".*" and "*" as everything till * the next "/". */ -func validatePath(basePath, requestBase string) bool { - - s := strings.TrimPrefix(basePath, "{") - s = strings.TrimSuffix(s, "}") - fs := strings.Split(s, ",") - for _, a := range fs { - str1 := strings.Replace(a, "**", "(.*)", -1) - str2 := strings.Replace(a, "*", "([^/]+)", -1) - if a != str1 { - reg, _ := regexp.Compile(str1) - res := reg.MatchString(requestBase) - if res == true { - return true - } - } else if a != str2 { - reg, _ := regexp.Compile(str2) - res := reg.MatchString(requestBase) - if res == true { - return true - } - } else if requestBase == a { - return true - } - - /* - * FIXME: SINGLE_FORWARD_SLASH_PATTERN not supported yet - */ - } - /* if the i/p resource is empty, no checks need to be made */ - return s == "" -} - -func validatePathRegex(fs []string, requestBase string) bool { +func validatePath(fs []string, requestBase string) bool { for _, a := range fs { str1 := strings.Replace(a, "**", "(.*)", -1)
diff --git a/verifyApiKeyStructs.go b/verifyApiKeyStructs.go index 633ca60..c5656ac 100644 --- a/verifyApiKeyStructs.go +++ b/verifyApiKeyStructs.go
@@ -116,3 +116,11 @@ Identifier string `json:"identifier,omitempty"` Kind string `json:"kind,omitempty"` } + +type VerifyApiKeyRequestResponseDataWrapper struct { + verifyApiKeyRequest VerifyApiKeyRequest + verifyApiKeySuccessResponse VerifyApiKeySuccessResponse + tempDeveloperDetails DeveloperDetails + ctype string + tenant_id string +}