Add config deployer support for API Key
sgayangi committed Jul 18, 2024
1 parent 4c9ab4e commit 7aca1bb
Showing 4 changed files with 59 additions and 31 deletions.
20 changes: 16 additions & 4 deletions runtime/config-deployer-service/ballerina/APIClient.bal
@@ -361,17 +361,29 @@ public class APIClient {
} else if authentication.authType == "JWT" {
JWTAuthentication jwtAuthentication = check authentication.cloneWithType(JWTAuthentication);
authTypes.jwt = {header: <string>jwtAuthentication.headerName, sendTokenToUpstream: <boolean>jwtAuthentication.sendTokenToUpstream, disabled: !jwtAuthentication.enabled, audience: jwtAuthentication.audience};
} else if authentication.authType == "APIKey" && authentication is APIKeyAuthentication {
APIKeyAuthentication apiKeyAuthentication = check authentication.cloneWithType(APIKeyAuthentication);
} else if authentication.authType == "APIKey" {
APIKeyAuthentication apiKeyAuthentication;
if authentication is OAuth2Authentication {
apiKeyAuthentication = {
required: authentication.required,
sendTokenToUpstream: authentication.sendTokenToUpstream,
headerName: authentication.headerName,
headerEnable: authentication.headerEnable
};
} else {
apiKeyAuthentication = check authentication.cloneWithType(APIKeyAuthentication);
}
model:APIKey[] apiKeys = [];

if apiKeyAuthentication.headerEnable {
apiKeys.push({'in: "Header", name: <string>apiKeyAuthentication.headerName, sendTokenToUpstream: apiKeyAuthentication.sendTokenToUpstream});
}
if apiKeyAuthentication.queryParamEnable {
apiKeys.push({'in: "Query", name: <string>apiKeyAuthentication.queryParamName, sendTokenToUpstream: apiKeyAuthentication.sendTokenToUpstream});
}
authTypes.apiKey = apiKeys;
authTypes.apiKey = {
required: <string>apiKeyAuthentication.required,
keys: apiKeys
};
} else if authentication.authType == "mTLS" {
MTLSAuthentication mtlsAuthentication = check authentication.cloneWithType(MTLSAuthentication);
isMTLSMandatory = mtlsAuthentication.required == "mandatory";
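Review bot: The `authentication is OAuth2Authentication` branch copies only `required`, `sendTokenToUpstream`, `headerName` and `headerEnable` into the new `APIKeyAuthentication`, so on that path `queryParamName` and `queryParamEnable` can only come from the record defaults. If an `authType == "APIKey"` entry that renames or disables the query parameter can arrive typed as `OAuth2Authentication` (the hunk does not show how the value is bound), the generated `keys` list would not match the API definition. That matters most for the query-string variant, because a key sent there ends up in URLs and access logs. The branch needs a comment saying why an APIKey entry can be typed as OAuth2 at all, and it should either carry the query settings over or return an error for such entries. The enclosing function starts and ends outside the hunk.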
@@ -36,9 +36,9 @@ public type AuthenticationData record {

public type AuthenticationExtensionType record {
OAuth2Authentication oauth2?;
APIKey[] apiKey = [];
MutualSSL mtls?;
JWTAuthentication jwt?;
APIKeyAuthentication apiKey?;
};

public type MutualSSL record {
@@ -63,6 +63,11 @@ public type JWTAuthentication record {
string[] audience = [];
};

public type APIKeyAuthentication record {
string required;
APIKey[] keys = [];
};

public type InternalKey record {
string header?;
string sendTokenToUpstream?;
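Review bot: The new model record `APIKeyAuthentication` carries `required` and `keys` but no `disabled` field, whereas the JWT mapping in APIClient.bal sets `disabled: !jwtAuthentication.enabled` and the OAuth2 expectation in the tests includes `disabled: false`. An APIKey entry whose `enabled` flag is false (presumably inherited through `*Authentication`) therefore cannot be expressed in the generated authentication data and would still be emitted with its keys. Consider adding `boolean disabled = false;` here and setting it in the mapper, if the target schema allows it. `required` is a bare `string`; a doc comment such as `# Either "mandatory" or "optional".` above the field would make the accepted values explicit.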
61 changes: 35 additions & 26 deletions runtime/config-deployer-service/ballerina/tests/APIClientTest.bal
@@ -1,8 +1,10 @@
import ballerina/test;
import config_deployer_service.model;
import config_deployer_service.org.wso2.apk.config.model as runtimeModels;
import wso2/apk_common_lib;

import ballerina/io;
import ballerina/test;

import wso2/apk_common_lib;
import wso2/apk_common_lib as commons;

commons:Organization organization = {
@@ -505,18 +507,21 @@ public function testAPIKeyOnlyEnable() returns error? {
model:AuthenticationData expectedAuthenticationData = {
disabled: false,
authTypes: {
apiKey: [
{
'in: "Header",
name: "apiKey",
sendTokenToUpstream: false
},
{
'in: "Query",
name: "apiKey",
sendTokenToUpstream: false
}
]
apiKey: {
required: "optional",
keys: [
{
'in: "Header",
name: "apiKey",
sendTokenToUpstream: false
},
{
'in: "Query",
name: "apiKey",
sendTokenToUpstream: false
}
]
}
}
};

@@ -545,18 +550,22 @@ public function testAPIKeyAndJWTEnable() returns error? {
model:AuthenticationData expectedAuthenticationData = {
disabled: false,
authTypes: {
apiKey: [
{
'in: "Header",
name: "apiKey",
sendTokenToUpstream: false
},
{
'in: "Query",
name: "apiKey",
sendTokenToUpstream: false
}
],
apiKey: {
required: "optional",
keys:
[
{
'in: "Header",
name: "apiKey",
sendTokenToUpstream: false
},
{
'in: "Query",
name: "apiKey",
sendTokenToUpstream: false
}
]
},
oauth2: {
required: "mandatory",
disabled: false,
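Review bot: Both updated expectations pin only `required: "optional"` for `apiKey`, so nothing visible here checks that a `"mandatory"` value from the API definition reaches the generated `AuthenticationData`. The path in APIClient.bal where an APIKey entry is typed as `OAuth2Authentication` is also not visibly exercised. A further case with `required: "mandatory"` and only the header key enabled would cover the new field and the key selection together. The test inputs and the rest of both functions lie outside these hunks, so coverage elsewhere in the file cannot be ruled out. As a style point, `keys:` followed by `[` on its own line in `testAPIKeyAndJWTEnable` differs from `keys: [` in `testAPIKeyOnlyEnable`.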
2 changes: 2 additions & 0 deletions runtime/config-deployer-service/ballerina/types.bal
@@ -469,13 +469,15 @@ public type RetryPolicy record {

# Configuration for API Key Auth Type
#
# + required - If APIKey is optional or mandatory
# + sendTokenToUpstream - Enables sending the API Key to upstream.
# + headerName - Name of APIKey header.
# + queryParamName - Name of APIKey query parameter.
# + headerEnable - Enable sending API Key in header.
# + queryParamEnable - Enable sending API Key as a query param.
public type APIKeyAuthentication record {|
*Authentication;
string required = "optional";
boolean sendTokenToUpstream = false;
string headerName = "apiKey";
string queryParamName = "apiKey";
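Review bot: `required` is declared as an open `string` with default `"optional"`, and the mapper in APIClient.bal forwards it as `<string>apiKeyAuthentication.required` without checking it, so a typo or different casing such as `"Mandatory"` is accepted at deploy time. How an unrecognised value is treated downstream is not visible here, but for an authentication requirement rejecting it is the safer behaviour. Declaring the field as `"optional"|"mandatory" required = "optional";` or validating it in the mapper would do that, although the copy from `OAuth2Authentication` would then need a check. The doc line could name the values: `# + required - Whether API key authentication is "mandatory" or "optional" (default "optional").` The record body continues past the end of the hunk.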