refactor verify api key
diff --git a/api.go b/api.go
index 93ea754..aa6f27c 100644
--- a/api.go
+++ b/api.go
@@ -17,11 +17,12 @@ import ( "database/sql" "encoding/json" - "github.com/30x/apid-core" - "net/http" - "io/ioutil" "errors" + "github.com/30x/apid-core" "io" + "io/ioutil" + "net/http" + "strings" ) type apiManagerInterface interface { @@ -30,9 +31,9 @@ //distributeEvents() } type apiManager struct { - dbMan dbManagerInterface + dbMan dbManagerInterface verifiersEndpoint string - apiInitialized bool + apiInitialized bool } func (a *apiManager) InitAPI() { @@ -87,7 +88,7 @@ // 2. verify params if verifyApiKeyReq.Action == "" || verifyApiKeyReq.ApiProxyName == "" || verifyApiKeyReq.EnvironmentName == "" || verifyApiKeyReq.Key == "" { // TODO : set correct fields in error response - errorResponse , _ := errorResponse("Bad_REQUEST","Missing element") + errorResponse, _ := errorResponse("Bad_REQUEST", "Missing element") w.Write(errorResponse) return VerifyApiKeyRequest{}, errors.New("Bad_REQUEST") } 
@@ -97,33 +98,26 @@ // returns []byte to be written to client func verifyAPIKey(verifyApiKeyReq VerifyApiKeyRequest, db apid.DB) ([]byte, error) { - key := verifyApiKeyReq.Key - organizationName := verifyApiKeyReq.OrganizationName - environmentName := verifyApiKeyReq.EnvironmentName - path := verifyApiKeyReq.UriPath - //action := verifyApiKeyReq.Action - /* these fields need to be nullable types for scanning. This is because when using json snapshots, and therefore being responsible for inserts, we were able to default everything to be not null. With sqlite snapshots, we are not necessarily guaranteed that */ var finalDeveloperDetails DeveloperDetails var companyDetails CompanyDetails - var proxies, environments string - var resName, resEnv, cType, tenantId sql.NullString + var cType, tenantId sql.NullString tempDeveloperDetails := DeveloperDetails{} appDetails := AppDetails{} apiProductDetails := ApiProductDetails{} clientIdDetails := ClientIdDetails{} - clientIdDetails.ClientId = key + clientIdDetails.ClientId = verifyApiKeyReq.Key - err := getApiKeyDetails(db, verifyApiKeyReq, &proxies, &environments, &resName, &resEnv, &cType, &tenantId, &tempDeveloperDetails, &appDetails, &apiProductDetails,&clientIdDetails) + err := getApiKeyDetails(db, verifyApiKeyReq, &cType, &tenantId, &tempDeveloperDetails, &appDetails, &apiProductDetails, &clientIdDetails) switch { case err == sql.ErrNoRows: - reason := "API Key verify failed for (" + key + ", " + organizationName +")" - errorCode := "REQ_ENTRY_NOT_FOUND" + reason := "API Key verify failed for (" + verifyApiKeyReq.Key + ", " + verifyApiKeyReq.OrganizationName + ")" + errorCode := "oauth.v2.InvalidApiKey" return errorResponse(reason, errorCode) case err != nil: 
@@ -136,70 +130,103 @@ * Perform all validations related to the Query made with the data * we just retrieved */ - result := validatePath(resName.String, path) - if result == false { - reason := "Path Validation Failed (" + resName.String + " vs " + path + ")" - errorCode := "PATH_VALIDATION_FAILED" - return errorResponse(reason, errorCode) + errResponse, err := performValidations(verifyApiKeyReq, clientIdDetails, appDetails, tempDeveloperDetails, apiProductDetails, cType) + if errResponse != nil { + return errResponse, err } - /* Verify if the ENV matches */ - result = validateEnv(resEnv.String, environmentName) - if result == false { - reason := "ENV Validation Failed (" + resEnv.String + " vs " + environmentName + ")" - errorCode := "ENV_VALIDATION_FAILED" - return errorResponse(reason, errorCode) - } - - setAttributes(db, tenantId.String, &clientIdDetails, &appDetails, &tempDeveloperDetails, &apiProductDetails) - - if appDetails.CallbackUrl != "" { - clientIdDetails.RedirectURIs = []string{appDetails.CallbackUrl} - } - if err := json.Unmarshal([]byte(proxies), &apiProductDetails.Apiproxies); err != nil { - log.Debug("unmarshall error for proxies, sending as is ", err) - apiProductDetails.Apiproxies = []string{proxies } - } - if err := json.Unmarshal([]byte(environments), &apiProductDetails.Environments); err != nil { - log.Debug("unmarshall error for proxies, sending as is ", err) - apiProductDetails.Environments = []string{environments } - } + encrichAttributes(db, tenantId.String, &clientIdDetails, &appDetails, &tempDeveloperDetails, &apiProductDetails) if cType.String == "developer" { finalDeveloperDetails = tempDeveloperDetails } else { companyDetails = CompanyDetails{ - Id: tempDeveloperDetails.Id, - DisplayName: tempDeveloperDetails.UserName, - Status: tempDeveloperDetails.Status, - CreatedAt: tempDeveloperDetails.CreatedAt, - CreatedBy: tempDeveloperDetails.CreatedBy, + Id: tempDeveloperDetails.Id, + DisplayName: tempDeveloperDetails.UserName, + Status: 
tempDeveloperDetails.Status, + CreatedAt: tempDeveloperDetails.CreatedAt, + CreatedBy: tempDeveloperDetails.CreatedBy, LastmodifiedAt: tempDeveloperDetails.LastmodifiedAt, LastmodifiedBy: tempDeveloperDetails.LastmodifiedBy, - Attributes: tempDeveloperDetails.Attributes, + Attributes: tempDeveloperDetails.Attributes, } } resp := VerifyApiKeySuccessResponse{ - ClientId: clientIdDetails, - Organization: organizationName, - Environment: resEnv.String, - Developer: finalDeveloperDetails, - Company: companyDetails, - App: appDetails, - ApiProduct: apiProductDetails, + ClientId: clientIdDetails, + Organization: verifyApiKeyReq.OrganizationName, + Environment: verifyApiKeyReq.EnvironmentName, + Developer: finalDeveloperDetails, + Company: companyDetails, + App: appDetails, + ApiProduct: apiProductDetails, // Identifier of the authorization code. This will be unique for each request. - Identifier: key, // TODO : what is this ????? - Kind: "Collection", // TODO : what is this ???? + Identifier: verifyApiKeyReq.Key, // TODO : what is this ????? + Kind: "Collection", // TODO : what is this ???? 
} return json.Marshal(resp) } -func setAttributes(db apid.DB, tenantId string, clientIdDetails *ClientIdDetails, appDetails *AppDetails, tempDeveloperDetails *DeveloperDetails, apiProductDetails *ApiProductDetails ){ +func performValidations(verifyApiKeyReq VerifyApiKeyRequest, clientIdDetails ClientIdDetails, appDetails AppDetails, tempDeveloperDetails DeveloperDetails, apiProductDetails ApiProductDetails, cType sql.NullString) ([]byte, error) { + if !strings.EqualFold("APPROVED", clientIdDetails.Status) { + reason := "API Key verify failed for (" + verifyApiKeyReq.Key + ", " + verifyApiKeyReq.OrganizationName + ")" + errorCode := "oauth.v2.ApiKeyNotApproved" + return errorResponse(reason, errorCode) + } + + if !strings.EqualFold("APPROVED", appDetails.Status) { + reason := "API Key verify failed for (" + verifyApiKeyReq.Key + ", " + verifyApiKeyReq.OrganizationName + ")" + errorCode := "keymanagement.service.invalid_client-app_not_approved" + return errorResponse(reason, errorCode) + } + + if !strings.EqualFold("ACTIVE", tempDeveloperDetails.Status) { + reason := "API Key verify failed for (" + verifyApiKeyReq.Key + ", " + verifyApiKeyReq.OrganizationName + ")" + errorCode := "keymanagement.service.DeveloperStatusNotActive" + if cType.String == "company" { + errorCode = "keymanagement.service.CompanyStatusNotActive" + } + return errorResponse(reason, errorCode) + } + + result := validatePathRegex(apiProductDetails.Resources, verifyApiKeyReq.UriPath) + if result == false { + reason := "Path Validation Failed (" + strings.Join(apiProductDetails.Resources, ", ") + " vs " + verifyApiKeyReq.UriPath + ")" + errorCode := "oauth.v2.InvalidApiKeyForGivenResource" + return errorResponse(reason, errorCode) + } + + /* Verify if the ENV matches */ + if verifyApiKeyReq.ValidateAgainstApiProxiesAndEnvs && !contains(apiProductDetails.Environments, verifyApiKeyReq.EnvironmentName) { + reason := "ENV Validation Failed (" + strings.Join(apiProductDetails.Environments, ", ") + " vs 
" + verifyApiKeyReq.EnvironmentName + ")" + errorCode := "oauth.v2.InvalidApiKeyForGivenResource" + return errorResponse(reason, errorCode) + } + + if verifyApiKeyReq.ValidateAgainstApiProxiesAndEnvs && !contains(apiProductDetails.Apiproxies, verifyApiKeyReq.ApiProxyName) { + reason := "Proxy Validation Failed (" + strings.Join(apiProductDetails.Apiproxies, ", ") + " vs " + verifyApiKeyReq.ApiProxyName + ")" + errorCode := "oauth.v2.InvalidApiKeyForGivenResource" + return errorResponse(reason, errorCode) + } + + return nil, nil + +} + +func contains(givenArray []string, searchString string) bool { + for _, element := range givenArray { + if element == searchString { + return true + } + } + return false +} + +func encrichAttributes(db apid.DB, tenantId string, clientIdDetails *ClientIdDetails, appDetails *AppDetails, tempDeveloperDetails *DeveloperDetails, apiProductDetails *ApiProductDetails) { clientIdAttributes := getKmsAttributes(db, tenantId, clientIdDetails.ClientId) developerAttributes := getKmsAttributes(db, tenantId, tempDeveloperDetails.Id) appAttributes := getKmsAttributes(db, tenantId, appDetails.Id) @@ -215,7 +242,6 @@ attributesForQuery := []Attribute{} attributes, err := db.Query(sql, tenantId, entityId) - if err != nil { log.Error("Error while fetching attributes for tenant id : %s and entityId : %s", tenantId, entityId, err) return attributesForQuery @@ -227,13 +253,13 @@ &att.Value, ) if err != nil { - log.Error("error fetching attributes for entityid ", entityId , err) + log.Error("error fetching attributes for entityid ", entityId, err) } - if att.Name != "" { + if att.Name != "errorResponse" { attributesForQuery = append(attributesForQuery, att) } } - log.Debug("attributes returned for query ", sql , " are ", attributesForQuery , tenantId , entityId) + log.Debug("attributes returned for query ", sql, " are ", attributesForQuery, tenantId, entityId) return attributesForQuery } 
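Review bot: In performValidations the environment and proxy checks run only when `verifyApiKeyReq.ValidateAgainstApiProxiesAndEnvs` is true, but the field is a plain `bool` whose comment in verifyApiKeyStructs.go says the default is true. A request that omits it decodes to false in Go, so both checks would be skipped unless the decoder (not visible in this diff) pre-sets it. Making the field `*bool` and testing `v == nil || *v` would keep an omitted flag fail-closed. The failure reasons also join the product's whole resource, environment and proxy lists into the reply that verifyAPIKey hands back for the client; consider logging those lists and returning only the error code.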
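Review bot: The filter `if att.Name != "errorResponse" {` replaces the old empty-name check `att.Name != ""` and looks like an accidental search-and-replace: rows with an empty name are now appended, and an attribute actually named errorResponse is silently dropped. A failed `Scan` is only logged, so the `att` value from that row is appended as well. I would restore `if att.Name != "" {` and add `continue` after the `log.Error` call. The enclosing function starts above this hunk.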
@@ -250,54 +276,54 @@ return json.Marshal(resp) } -func getApiKeyDetails(db apid.DB, verifyApiKeyReq VerifyApiKeyRequest, proxies, environments *string, resName, resEnv, cType, tenantId *sql.NullString, tempDeveloperDetails *DeveloperDetails, appDetails *AppDetails, apiProductDetails *ApiProductDetails, clientIdDetails *ClientIdDetails) (error) { +func getApiKeyDetails(db apid.DB, verifyApiKeyReq VerifyApiKeyRequest, cType, tenantId *sql.NullString, tempDeveloperDetails *DeveloperDetails, appDetails *AppDetails, apiProductDetails *ApiProductDetails, clientIdDetails *ClientIdDetails) error { + var proxies, environments, resources string sSql := ` SELECT - ap.api_resources, - ap.environments, - "developer" as ctype, - c.tenant_id, + COALESCE("developer","") as ctype, + COALESCE(c.tenant_id,""), - c.status, - c.consumer_secret, + COALESCE(c.status,""), + COALESCE(c.consumer_secret,""), - ad.id as dev_id, - ad.username as dev_username, - ad.first_name as dev_first_name, - ad.last_name as dev_last_name, - ad.email as dev_email, - ad.status as dev_status, - ad.created_at as dev_created_at, - ad.created_by as dev_created_by, - ad.updated_at as dev_updated_at, - ad.updated_by as dev_updated_by, + COALESCE(ad.id,"") as dev_id, + COALESCE(ad.username,"") as dev_username, + COALESCE(ad.first_name,"") as dev_first_name, + COALESCE(ad.last_name,"") as dev_last_name, + COALESCE(ad.email,"") as dev_email, + COALESCE(ad.status,"") as dev_status, + COALESCE(ad.created_at,"") as dev_created_at, + COALESCE(ad.created_by,"") as dev_created_by, + COALESCE(ad.updated_at,"") as dev_updated_at, + COALESCE(ad.updated_by,"") as dev_updated_by, - a.id as app_id, - a.name as app_name, - a.access_type as app_access_type, - a.callback_url as app_callback_url, - a.display_name as app_display_name, - a.status as app_status, - a.app_family as app_app_family, - a.company_id as app_company_id, - a.created_at as app_created_at, - a.created_by as app_created_by, - a.updated_at as app_updated_at, - 
a.updated_by as app_updated_by, + COALESCE(a.id,"") as app_id, + COALESCE(a.name,"") as app_name, + COALESCE(a.access_type,"") as app_access_type, + COALESCE(a.callback_url,"") as app_callback_url, + COALESCE(a.display_name,"") as app_display_name, + COALESCE(a.status,"") as app_status, + COALESCE(a.app_family,"") as app_app_family, + COALESCE(a.company_id,"") as app_company_id, + COALESCE(a.created_at,"") as app_created_at, + COALESCE(a.created_by,"") as app_created_by, + COALESCE(a.updated_at,"") as app_updated_at, + COALESCE(a.updated_by,"") as app_updated_by, - ap.id as prod_id, - ap.name as prod_name, - ap.display_name as prod_display_name, - ap.quota as prod_quota, - COALESCE(ap.quota_interval, '') as prod_quota_interval, - ap.quota_time_unit as prod_quota_time_unit, - ap.created_at as prod_created_at, - ap.created_by as prod_created_by, - ap.updated_at as prod_updated_at, - ap.updated_by as prod_updated_by, - ap.proxies as prod_proxies, - ap.environments as prod_environments + COALESCE(ap.id,"") as prod_id, + COALESCE(ap.name,"") as prod_name, + COALESCE(ap.display_name,"") as prod_display_name, + COALESCE(ap.quota,"") as prod_quota, + COALESCE(ap.quota_interval, 0) as prod_quota_interval, + COALESCE(ap.quota_time_unit,"") as prod_quota_time_unit, + COALESCE(ap.created_at,"") as prod_created_at, + COALESCE(ap.created_by,"") as prod_created_by, + COALESCE(ap.updated_at,"") as prod_updated_at, + COALESCE(ap.updated_by,"") as prod_updated_by, + COALESCE(ap.proxies,"") as prod_proxies, + COALESCE(ap.environments,"") as prod_environments, + COALESCE(ap.api_resources,"") as prod_resources FROM KMS_APP_CREDENTIAL AS c INNER JOIN KMS_APP AS a 
@@ -310,60 +336,56 @@ ON ap.id = mp.apiprdt_id INNER JOIN KMS_ORGANIZATION AS o ON o.tenant_id = c.tenant_id - WHERE (UPPER(ad.status) = 'ACTIVE' - AND mp.apiprdt_id = ap.id + WHERE (mp.apiprdt_id = ap.id AND mp.app_id = a.id AND mp.appcred_id = c.id - AND UPPER(mp.status) = 'APPROVED' - AND UPPER(a.status) = 'APPROVED' AND c.id = $1 AND o.name = $2) UNION ALL SELECT - ap.api_resources, - ap.environments, - "company" as ctype, - c.tenant_id, + COALESCE("company","") as ctype, + COALESCE(c.tenant_id,""), - c.status, - c.consumer_secret, + COALESCE(c.status,""), + COALESCE(c.consumer_secret,""), - ad.id as dev_id, - ad.display_name as dev_username, - "" as dev_first_name, - "" as dev_last_name, - "" as dev_email, - ad.status as dev_status, - ad.created_at as dev_created_at, - ad.created_by as dev_created_by, - ad.updated_at as dev_updated_at, - ad.updated_by as dev_updated_by, + COALESCE(ad.id,"") as dev_id, + COALESCE(ad.display_name,"") as dev_username, + COALESCE("","") as dev_first_name, + COALESCE("","") as dev_last_name, + COALESCE("","") as dev_email, + COALESCE(ad.status,"") as dev_status, + COALESCE(ad.created_at,"") as dev_created_at, + COALESCE(ad.created_by,"") as dev_created_by, + COALESCE(ad.updated_at,"") as dev_updated_at, + COALESCE(ad.updated_by,"") as dev_updated_by, - a.id as app_id, - a.name as app_name, - a.access_type as app_access_type, - a.callback_url as app_callback_url, - a.display_name as app_display_name, - a.status as app_status, - a.app_family as app_app_family, - a.company_id as app_company_id, - a.created_at as app_created_at, - a.created_by as app_created_by, - a.updated_at as app_updated_at, - a.updated_by as app_updated_by, + COALESCE(a.id,"") as app_id, + COALESCE(a.name,"") as app_name, + COALESCE(a.access_type,"") as app_access_type, + COALESCE(a.callback_url,"") as app_callback_url, + COALESCE(a.display_name,"") as app_display_name, + COALESCE(a.status,"") as app_status, + COALESCE(a.app_family,"") as app_app_family, + 
COALESCE(a.company_id,"") as app_company_id, + COALESCE(a.created_at,"") as app_created_at, + COALESCE(a.created_by,"") as app_created_by, + COALESCE(a.updated_at,"") as app_updated_at, + COALESCE(a.updated_by,"") as app_updated_by, - ap.id as prod_id, - ap.name as prod_name, - ap.display_name as prod_display_name, - ap.quota as prod_quota, - COALESCE(ap.quota_interval, '') as prod_quota_interval, - ap.quota_time_unit as prod_quota_time_unit, - ap.created_at as prod_created_at, - ap.created_by as prod_created_by, - ap.updated_at as prod_updated_at, - ap.updated_by as prod_updated_by, - ap.proxies as prod_proxies, - ap.environments as prod_environments + COALESCE(ap.id,"") as prod_id, + COALESCE(ap.name,"") as prod_name, + COALESCE(ap.display_name,"") as prod_display_name, + COALESCE(ap.quota,"") as prod_quota, + COALESCE(ap.quota_interval,0) as prod_quota_interval, + COALESCE(ap.quota_time_unit,"") as prod_quota_time_unit, + COALESCE(ap.created_at,"") as prod_created_at, + COALESCE(ap.created_by,"") as prod_created_by, + COALESCE(ap.updated_at,"") as prod_updated_at, + COALESCE(ap.updated_by,"") as prod_updated_by, + COALESCE(ap.proxies,"") as prod_proxies, + COALESCE(ap.environments,"") as prod_environments, + COALESCE(ap.api_resources,"") as prod_resources FROM KMS_APP_CREDENTIAL AS c 
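Review bot: This hunk drops `AND UPPER(mp.status) = 'APPROVED'` from the WHERE clause together with the developer and app status filters, but performValidations only re-checks `clientIdDetails.Status` (scanned from `c.status`), `appDetails.Status` and the developer status; `mp.status` is neither selected nor compared anywhere in the diff. If `mp` is the credential-to-product mapping, as the join columns suggest, a credential whose mapping is not approved would now verify successfully. Either keep `AND UPPER(mp.status) = 'APPROVED'` in the query or select `COALESCE(mp.status,"")` and reject it in performValidations. The company branch of the UNION in the next hunk (`@@ -377,62 +399,98 @@`) has the same gap, and the query text begins in the previous hunk.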
@@ -377,62 +399,98 @@ ON ap.id = mp.apiprdt_id INNER JOIN KMS_ORGANIZATION AS o ON o.tenant_id = c.tenant_id - WHERE (UPPER(ad.status) = 'ACTIVE' - AND mp.apiprdt_id = ap.id + WHERE (mp.apiprdt_id = ap.id AND mp.app_id = a.id AND mp.appcred_id = c.id - AND UPPER(mp.status) = 'APPROVED' - AND UPPER(a.status) = 'APPROVED' AND c.id = $1 AND o.name = $2) ;` + //cid,csecret,did,dusername,dfirstname,dlastname,demail,dstatus,dcreated_at,dcreated_by,dlast_modified_at,dlast_modified_by, aid,aname,aaccesstype,acallbackurl,adisplay_name,astatus,aappfamily, acompany,acreated_at,acreated_by,alast_modified_at,alast_modified_by,pid,pname,pdisplayname,pquota_limit,pqutoainterval,pquotatimeout,pcreated_at,pcreated_by,plast_modified_at,plast_modified_by sql.NullString + err := db.QueryRow(sSql, verifyApiKeyReq.Key, verifyApiKeyReq.OrganizationName). Scan( - resName, - resEnv, - cType, - tenantId, - &clientIdDetails.Status, - &clientIdDetails.ClientSecret, + cType, + tenantId, + &clientIdDetails.Status, + &clientIdDetails.ClientSecret, - &tempDeveloperDetails.Id, - &tempDeveloperDetails.UserName, - &tempDeveloperDetails.FirstName, - &tempDeveloperDetails.LastName, - &tempDeveloperDetails.Email, - &tempDeveloperDetails.Status, - &tempDeveloperDetails.CreatedAt, - &tempDeveloperDetails.CreatedBy, - &tempDeveloperDetails.LastmodifiedAt, - &tempDeveloperDetails.LastmodifiedBy, + &tempDeveloperDetails.Id, + &tempDeveloperDetails.UserName, + &tempDeveloperDetails.FirstName, + &tempDeveloperDetails.LastName, + &tempDeveloperDetails.Email, + &tempDeveloperDetails.Status, + &tempDeveloperDetails.CreatedAt, + &tempDeveloperDetails.CreatedBy, + &tempDeveloperDetails.LastmodifiedAt, + &tempDeveloperDetails.LastmodifiedBy, - &appDetails.Id, - &appDetails.Name, - &appDetails.AccessType, - &appDetails.CallbackUrl, - &appDetails.DisplayName, - &appDetails.Status, - &appDetails.AppFamily, - &appDetails.Company, - &appDetails.CreatedAt, - &appDetails.CreatedBy, - &appDetails.LastmodifiedAt, - 
&appDetails.LastmodifiedBy, + &appDetails.Id, + &appDetails.Name, + &appDetails.AccessType, + &appDetails.CallbackUrl, + &appDetails.DisplayName, + &appDetails.Status, + &appDetails.AppFamily, + &appDetails.Company, + &appDetails.CreatedAt, + &appDetails.CreatedBy, + &appDetails.LastmodifiedAt, + &appDetails.LastmodifiedBy, - &apiProductDetails.Id, - &apiProductDetails.Name, - &apiProductDetails.DisplayName, - &apiProductDetails.QuotaLimit, - &apiProductDetails.QuotaInterval, - &apiProductDetails.QuotaTimeunit, - &apiProductDetails.CreatedAt, - &apiProductDetails.CreatedBy, - &apiProductDetails.LastmodifiedAt, - &apiProductDetails.LastmodifiedBy, - proxies, - environments, - ) + &apiProductDetails.Id, + &apiProductDetails.Name, + &apiProductDetails.DisplayName, + &apiProductDetails.QuotaLimit, + &apiProductDetails.QuotaInterval, + &apiProductDetails.QuotaTimeunit, + &apiProductDetails.CreatedAt, + &apiProductDetails.CreatedBy, + &apiProductDetails.LastmodifiedAt, + &apiProductDetails.LastmodifiedBy, + &proxies, + &environments, + &resources, + ) + + if err != nil { + log.Error("error fetching verify apikey details", err) + } + + if err := json.Unmarshal([]byte(proxies), &apiProductDetails.Apiproxies); err != nil { + log.Debug("unmarshall error for proxies, performing custom unmarshal ", proxies, err) + stringArray := splitMalformedJson(proxies) + if len(stringArray) > 0 { + apiProductDetails.Apiproxies = splitMalformedJson(proxies) + } + } + if err := json.Unmarshal([]byte(environments), &apiProductDetails.Environments); err != nil { + log.Debug("unmarshall error for proxies, performing custom unmarshal ", environments, err) + stringArray := splitMalformedJson(environments) + if len(stringArray) > 0 { + apiProductDetails.Environments = splitMalformedJson(environments) + } + } + if err := json.Unmarshal([]byte(resources), &apiProductDetails.Resources); err != nil { + log.Debug("unmarshall error for proxies, performing custom unmarshal ", resources, err) + 
stringArray := splitMalformedJson(resources) + if len(stringArray) > 0 { + apiProductDetails.Resources = stringArray + } + } + + if appDetails.CallbackUrl != "" { + clientIdDetails.RedirectURIs = []string{appDetails.CallbackUrl} + } return err -} \ No newline at end of file +} + +func splitMalformedJson(fjson string) []string { + s := strings.TrimPrefix(fjson, "{") + s = strings.TrimSuffix(s, "}") + fs := strings.Split(s, ",") + log.Debug("processing splitMalformedJson for ", fjson, " and result is ", fs) + return fs +}
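Review bot: `strings.Split` always returns at least one element, so the `len(stringArray) > 0` guards never fail and an empty column (the query now COALESCEs NULL to "") becomes `[]string{""}` rather than an empty list. For `Resources` that makes the `len(fs) == 0` shortcut in validatePathRegex unreachable, so a product with no resources rejects every non-empty path; split elements also keep any surrounding quotes or spaces. Have splitMalformedJson return nil for empty input, `if s == "" { return nil }`, after trimming the braces. Separately, when `Scan` fails the function logs and still runs the three unmarshal blocks; `if err != nil { return err }` right after the log call would make the failure path explicit.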
diff --git a/data.go b/data.go
index 6342ad4..e754e11 100644
--- a/data.go
+++ b/data.go
@@ -14,9 +14,9 @@ package apidVerifyApiKey import ( + "errors" "github.com/30x/apid-core" "sync" - "errors" ) type dbManager struct { @@ -52,6 +52,5 @@ type dbManagerInterface interface { setDbVersion(string) initDb() error - getDb() (apid.DB) + getDb() apid.DB } -
diff --git a/init.go b/init.go
index fc94bfd..5251cd1 100644
--- a/init.go
+++ b/init.go
@@ -25,8 +25,8 @@ ) var ( - services apid.Services - log apid.LogService + services apid.Services + log apid.LogService ) func init() { @@ -46,12 +46,12 @@ } dbMan.initDb() apiMan := apiManager{ - dbMan: dbMan, - verifiersEndpoint: apiPath, + dbMan: dbMan, + verifiersEndpoint: apiPath, } syncHandler := apigeeSyncHandler{ - dbMan : dbMan, + dbMan: dbMan, apiMan: apiMan, }
diff --git a/listener.go b/listener.go
index 4ad6149..19ff9cc 100644
--- a/listener.go
+++ b/listener.go
@@ -20,14 +20,13 @@ ) const ( - APIGEE_SYNC_EVENT = "ApigeeSync" + APIGEE_SYNC_EVENT = "ApigeeSync" ) - type apigeeSyncHandler struct { - dbMan dbManagerInterface - apiMan apiManager - closed bool + dbMan dbManagerInterface + apiMan apiManager + closed bool } func (h *apigeeSyncHandler) initListener(services apid.Services) {
diff --git a/structApiProductDetails.go b/structApiProductDetails.go
deleted file mode 100755
index 7dee961..0000000
--- a/structApiProductDetails.go
+++ /dev/null
@@ -1,35 +0,0 @@
-package apidVerifyApiKey
-
-// Fields related to app
-type ApiProductDetails struct {
- Id string `json:"id,omitempty"`
-
- Name string `json:"name,omitempty"`
-
- DisplayName string `json:"displayName,omitempty"`
-
- QuotaLimit string `json:"quota.limit,omitempty"`
-
- QuotaInterval string `json:"quota.interval,omitempty"`
-
- QuotaTimeunit string `json:"quota.timeunit,omitempty"`
-
- Status string `json:"status,omitempty"`
-
- CreatedAt string `json:"created_at,omitempty"`
-
- CreatedBy string `json:"created_by,omitempty"`
-
- LastmodifiedAt string `json:"lastmodified_at,omitempty"`
-
- LastmodifiedBy string `json:"lastmodified_by,omitempty"`
-
- Company string `json:"company,omitempty"`
-
- Environments []string `json:"environments,omitempty"`
-
- Apiproxies []string `json:"apiproxies,omitempty"`
-
- // Attributes associated with the apiproduct.
- Attributes []Attribute `json:"attributes,omitempty"`
-}
diff --git a/structAppDetails.go b/structAppDetails.go
deleted file mode 100755
index edd868e..0000000
--- a/structAppDetails.go
+++ /dev/null
@@ -1,33 +0,0 @@
-package apidVerifyApiKey
-
-// Fields related to app
-type AppDetails struct {
- Id string `json:"id,omitempty"`
-
- Name string `json:"name,omitempty"`
-
- AccessType string `json:"accessType,omitempty"`
-
- CallbackUrl string `json:"callbackUrl,omitempty"`
-
- DisplayName string `json:"displayName,omitempty"`
-
- Status string `json:"status,omitempty"`
-
- Apiproducts []string `json:"apiproducts,omitempty"`
-
- AppFamily string `json:"appFamily,omitempty"`
-
- CreatedAt string `json:"created_at,omitempty"`
-
- CreatedBy string `json:"created_by,omitempty"`
-
- LastmodifiedAt string `json:"lastmodified_at,omitempty"`
-
- LastmodifiedBy string `json:"lastmodified_by,omitempty"`
-
- Company string `json:"company,omitempty"`
-
- // Attributes associated with the app.
- Attributes []Attribute `json:"attributes,omitempty"`
-}
diff --git a/structAttribute.go b/structAttribute.go
deleted file mode 100755
index 5fcd527..0000000
--- a/structAttribute.go
+++ /dev/null
@@ -1,10 +0,0 @@
-package apidVerifyApiKey
-
-// Attribute details
-type Attribute struct {
- Name string `json:"Name,omitempty"`
-
- Value string `json:"Value,omitempty"`
-
- Kind string `json:"kind,omitempty"`
-}
diff --git a/structClientIdDetails.go b/structClientIdDetails.go
deleted file mode 100755
index 111f980..0000000
--- a/structClientIdDetails.go
+++ /dev/null
@@ -1,15 +0,0 @@
-package apidVerifyApiKey
-
-// Fields related to consumer key
-type ClientIdDetails struct {
- ClientId string `json:"clientId,omitempty"`
-
- ClientSecret string `json:"clientSecret,omitempty"`
-
- RedirectURIs []string `json:"redirectURIs,omitempty"`
-
- Status string `json:"status,omitempty"`
-
- // Attributes associated with the client Id.
- Attributes []Attribute `json:"attributes,omitempty"`
-}
diff --git a/structCompanyDetails.go b/structCompanyDetails.go
deleted file mode 100755
index 94cca4a..0000000
--- a/structCompanyDetails.go
+++ /dev/null
@@ -1,25 +0,0 @@
-package apidVerifyApiKey
-
-// Fields related to company
-type CompanyDetails struct {
- Id string `json:"id,omitempty"`
-
- Name string `json:"name,omitempty"`
-
- DisplayName string `json:"displayName,omitempty"`
-
- Status string `json:"status,omitempty"`
-
- Apps []string `json:"apps,omitempty"`
-
- CreatedAt string `json:"created_at,omitempty"`
-
- CreatedBy string `json:"created_by,omitempty"`
-
- LastmodifiedAt string `json:"lastmodified_at,omitempty"`
-
- LastmodifiedBy string `json:"lastmodified_by,omitempty"`
-
- // Attributes associated with the company.
- Attributes []Attribute `json:"attributes,omitempty"`
-}
diff --git a/structDeveloperDetails.go b/structDeveloperDetails.go
deleted file mode 100755
index ad3a37c..0000000
--- a/structDeveloperDetails.go
+++ /dev/null
@@ -1,31 +0,0 @@
-package apidVerifyApiKey
-
-// Fields related to developer
-type DeveloperDetails struct {
- Id string `json:"id,omitempty"`
-
- UserName string `json:"userName,omitempty"`
-
- FirstName string `json:"firstName,omitempty"`
-
- LastName string `json:"lastName,omitempty"`
-
- Email string `json:"email,omitempty"`
-
- Status string `json:"status,omitempty"`
-
- Apps []string `json:"apps,omitempty"`
-
- CreatedAt string `json:"created_at,omitempty"`
-
- CreatedBy string `json:"created_by,omitempty"`
-
- LastmodifiedAt string `json:"lastmodified_at,omitempty"`
-
- LastmodifiedBy string `json:"lastmodified_by,omitempty"`
-
- Company string `json:"company,omitempty"`
-
- // Attributes associated with the developer.
- Attributes []Attribute `json:"attributes,omitempty"`
-}
diff --git a/structErrorResponse.go b/structErrorResponse.go
deleted file mode 100755
index 298b844..0000000
--- a/structErrorResponse.go
+++ /dev/null
@@ -1,10 +0,0 @@
-package apidVerifyApiKey
-
-// Error response returned
-type ErrorResponse struct {
- ResponseCode string `json:"response_code,omitempty"`
-
- ResponseMessage string `json:"response_message,omitempty"`
-
- Kind string `json:"kind,omitempty"`
-}
diff --git a/structVerifyApiKeyRequest.go b/structVerifyApiKeyRequest.go
deleted file mode 100755
index fc9b4aa..0000000
--- a/structVerifyApiKeyRequest.go
+++ /dev/null
@@ -1,18 +0,0 @@
-package apidVerifyApiKey
-
-type VerifyApiKeyRequest struct {
- Action string `json:"action"`
-
- Key string `json:"key"`
-
- UriPath string `json:"uriPath"`
-
- OrganizationName string `json:"organizationName"`
-
- EnvironmentName string `json:"environmentName"`
-
- ApiProxyName string `json:"apiProxyName"`
-
- // when this flag is false, authentication of key and authorization for uripath is done and authorization for apiproxies and environments is skipped. Default is true.
- ValidateAgainstApiProxiesAndEnvs bool `json:"validateAgainstApiProxiesAndEnvs,omitempty"`
-}
diff --git a/structVerifyApiKeySuccessResponse.go b/structVerifyApiKeySuccessResponse.go
deleted file mode 100755
index e3ea80e..0000000
--- a/structVerifyApiKeySuccessResponse.go
+++ /dev/null
@@ -1,27 +0,0 @@
-package apidVerifyApiKey
-
-// Response object for the verification of apikey. Verification of apikey response contains details such as developer-id,developer-email-id, other fields and attributes ; app-id,app-name, other fields and attributes; apiproduct-name, fields and attributes ;
-type VerifyApiKeySuccessResponse struct {
- Self string `json:"self,omitempty"`
-
- // Organization Identifier/Name
- Organization string `json:"organization,omitempty"`
-
- // Environment Identifier/Name
- Environment string `json:"environment,omitempty"`
-
- ClientId ClientIdDetails `json:"clientId,omitempty"`
-
- Developer DeveloperDetails `json:"developer,omitempty"`
-
- Company CompanyDetails `json:"company,omitempty"`
-
- App AppDetails `json:"app,omitempty"`
-
- ApiProduct ApiProductDetails `json:"apiProduct,omitempty"`
-
- // Identifier of the authorization code. This will be unique for each request.
- Identifier string `json:"identifier,omitempty"`
-
- Kind string `json:"kind,omitempty"`
-}
diff --git a/validate_path.go b/validate_path.go
index f170c51..f213bd8 100644
--- a/validate_path.go
+++ b/validate_path.go
@@ -56,3 +56,32 @@
 /* if the i/p resource is empty, no checks need to be made */
 return s == ""
 }
+
+func validatePathRegex(fs []string, requestBase string) bool {
+
+ for _, a := range fs {
+ str1 := strings.Replace(a, "**", "(.*)", -1)
+ str2 := strings.Replace(a, "*", "([^/]+)", -1)
+ if a != str1 {
+ reg, _ := regexp.Compile(str1)
+ res := reg.MatchString(requestBase)
+ if res == true {
+ return true
+ }
+ } else if a != str2 {
+ reg, _ := regexp.Compile(str2)
+ res := reg.MatchString(requestBase)
+ if res == true {
+ return true
+ }
+ } else if requestBase == a {
+ return true
+ }
+
+ /*
+ * FIXME: SINGLE_FORWARD_SLASH_PATTERN not supported yet
+ */
+ }
+ /* if the i/p resource is empty, no checks need to be made */
+ return len(fs) == 0
+}
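Review bot: validatePathRegex builds the regular expression from the product's resource string without escaping or anchoring, so `MatchString` accepts any request path that merely contains a match, and characters such as `.` or `+` in a resource act as regex operators. A resource holding both `**` and `*` takes the first branch and leaves the single `*` unconverted. The discarded error from `regexp.Compile` also means an invalid pattern leaves `reg` nil and the `MatchString` call panics. If whole-path matching is the intent, quote the resource first, translate the wildcards, anchor the pattern and skip anything that fails to compile, as sketched below. The hunk does not show the file's imports, so confirm `regexp` and `strings` are imported in validate_path.go.

```go
func validatePathRegex(fs []string, requestBase string) bool {
	for _, a := range fs {
		// Escape first so only the wildcards carry regex meaning.
		pat := regexp.QuoteMeta(a)
		pat = strings.Replace(pat, `\*\*`, `.*`, -1)
		pat = strings.Replace(pat, `\*`, `[^/]+`, -1)
		reg, err := regexp.Compile("^" + pat + "$")
		if err != nil {
			// An unusable pattern grants nothing.
			continue
		}
		if reg.MatchString(requestBase) {
			return true
		}
	}
	// … unchanged: FIXME comment and the empty-list return …
}
```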
diff --git a/verifyApiKeyStructs.go b/verifyApiKeyStructs.go
new file mode 100644
index 0000000..4c61747
--- /dev/null
+++ b/verifyApiKeyStructs.go
@@ -0,0 +1,118 @@
+package apidVerifyApiKey
+
+type ClientIdDetails struct {
+ ClientId string `json:"clientId,omitempty"`
+ ClientSecret string `json:"clientSecret,omitempty"`
+ RedirectURIs []string `json:"redirectURIs,omitempty"`
+ Status string `json:"status,omitempty"`
+ // Attributes associated with the client Id.
+ Attributes []Attribute `json:"attributes,omitempty"`
+}
+
+type ApiProductDetails struct {
+ Id string `json:"id,omitempty"`
+ Name string `json:"name,omitempty"`
+ DisplayName string `json:"displayName,omitempty"`
+ QuotaLimit string `json:"quota.limit,omitempty"`
+ QuotaInterval int64 `json:"quota.interval,omitempty"`
+ QuotaTimeunit string `json:"quota.timeunit,omitempty"`
+ Status string `json:"status,omitempty"`
+ CreatedAt string `json:"created_at,omitempty"`
+ CreatedBy string `json:"created_by,omitempty"`
+ LastmodifiedAt string `json:"lastmodified_at,omitempty"`
+ LastmodifiedBy string `json:"lastmodified_by,omitempty"`
+ Company string `json:"company,omitempty"`
+ Environments []string `json:"environments,omitempty"`
+ Apiproxies []string `json:"apiproxies,omitempty"`
+ // Attributes associated with the apiproduct.
+ Attributes []Attribute `json:"attributes,omitempty"`
+ Resources []string `json:"-"`
+}
+
+type AppDetails struct {
+ Id string `json:"id,omitempty"`
+ Name string `json:"name,omitempty"`
+ AccessType string `json:"accessType,omitempty"`
+ CallbackUrl string `json:"callbackUrl,omitempty"`
+ DisplayName string `json:"displayName,omitempty"`
+ Status string `json:"status,omitempty"`
+ Apiproducts []string `json:"apiproducts,omitempty"`
+ AppFamily string `json:"appFamily,omitempty"`
+ CreatedAt string `json:"created_at,omitempty"`
+ CreatedBy string `json:"created_by,omitempty"`
+ LastmodifiedAt string `json:"lastmodified_at,omitempty"`
+ LastmodifiedBy string `json:"lastmodified_by,omitempty"`
+ Company string `json:"company,omitempty"`
+ // Attributes associated with the app.
+ Attributes []Attribute `json:"attributes,omitempty"`
+}
+
+type Attribute struct {
+ Name string `json:"Name,omitempty"`
+ Value string `json:"Value,omitempty"`
+ Kind string `json:"kind,omitempty"`
+}
+
+type CompanyDetails struct {
+ Id string `json:"id,omitempty"`
+ Name string `json:"name,omitempty"`
+ DisplayName string `json:"displayName,omitempty"`
+ Status string `json:"status,omitempty"`
+ Apps []string `json:"apps,omitempty"`
+ CreatedAt string `json:"created_at,omitempty"`
+ CreatedBy string `json:"created_by,omitempty"`
+ LastmodifiedAt string `json:"lastmodified_at,omitempty"`
+ LastmodifiedBy string `json:"lastmodified_by,omitempty"`
+ // Attributes associated with the company.
+ Attributes []Attribute `json:"attributes,omitempty"`
+}
+
+type DeveloperDetails struct {
+ Id string `json:"id,omitempty"`
+ UserName string `json:"userName,omitempty"`
+ FirstName string `json:"firstName,omitempty"`
+ LastName string `json:"lastName,omitempty"`
+ Email string `json:"email,omitempty"`
+ Status string `json:"status,omitempty"`
+ Apps []string `json:"apps,omitempty"`
+ CreatedAt string `json:"created_at,omitempty"`
+ CreatedBy string `json:"created_by,omitempty"`
+ LastmodifiedAt string `json:"lastmodified_at,omitempty"`
+ LastmodifiedBy string `json:"lastmodified_by,omitempty"`
+ Company string `json:"company,omitempty"`
+ // Attributes associated with the developer.
+ Attributes []Attribute `json:"attributes,omitempty"`
+}
+
+type ErrorResponse struct {
+ ResponseCode string `json:"response_code,omitempty"`
+ ResponseMessage string `json:"response_message,omitempty"`
+ Kind string `json:"kind,omitempty"`
+}
+
+type VerifyApiKeyRequest struct {
+ Action string `json:"action"`
+ Key string `json:"key"`
+ UriPath string `json:"uriPath"`
+ OrganizationName string `json:"organizationName"`
+ EnvironmentName string `json:"environmentName"`
+ ApiProxyName string `json:"apiProxyName"`
+ // when this flag is false, authentication of key and authorization for uripath is done and authorization for apiproxies and environments is skipped. Default is true.
+ ValidateAgainstApiProxiesAndEnvs bool `json:"validateAgainstApiProxiesAndEnvs,omitempty"`
+}
+
+type VerifyApiKeySuccessResponse struct {
+ Self string `json:"self,omitempty"`
+ // Organization Identifier/Name
+ Organization string `json:"organization,omitempty"`
+ // Environment Identifier/Name
+ Environment string `json:"environment,omitempty"`
+ ClientId ClientIdDetails `json:"clientId,omitempty"`
+ Developer DeveloperDetails `json:"developer,omitempty"`
+ Company CompanyDetails `json:"company,omitempty"`
+ App AppDetails `json:"app,omitempty"`
+ ApiProduct ApiProductDetails `json:"apiProduct,omitempty"`
+ // Identifier of the authorization code. This will be unique for each request.
+ Identifier string `json:"identifier,omitempty"`
+ Kind string `json:"kind,omitempty"`
+}