Revert "Add JWT authentication"

This reverts commit 43b28a6.
wso2 · Mar 5, 2024 · 88a8bdb · 88a8bdb
1 parent 3610265
commit 88a8bdb
Show file tree

Hide file tree

Showing 37 changed files with 788 additions and 1,881 deletions.
diff --git a/adapter/api/proto/wso2/discovery/api/api_authentication.proto b/adapter/api/proto/wso2/discovery/api/api_authentication.proto
@@ -35,17 +35,16 @@ message APIKey {
 message JWT {
  string header = 1; // name of the header containing the JWT
  bool sendTokenToUpstream = 2; // send the token to upstream
- repeated string audience = 3;
-}
-
-message Oauth2 {
- string header = 1; // name of the header containing the JWT
- bool sendTokenToUpstream = 2; // send the token to upstream
 }
 
 message APIAuthentication {
  bool disabled = 1; // disable authentication
  JWT jwt = 2;
  repeated APIKey apikey = 3;
- Oauth2 Oauth2 = 4;
+ TestConsoleKey testConsoleKey = 4;
+}
+
+message TestConsoleKey {
+ string header = 1; // name of the header containing the test key
+ bool sendTokenToUpstream = 2; // send the token to upstream
 }
diff --git a/adapter/internal/oasparser/config_generator.go b/adapter/internal/oasparser/config_generator.go
@@ -258,7 +258,6 @@ func castAPIAuthenticationsToEnforcerAPIAuthentications(authentication *model.Au
  enforcerAuthentication.Jwt = &api.JWT{
  Header: strings.ToLower(authentication.JWT.Header),
  SendTokenToUpstream: authentication.JWT.SendTokenToUpstream,
- Audience: authentication.JWT.Audience,
  }
  }
  var apiKeys []*api.APIKey
@@ -274,12 +273,19 @@ func castAPIAuthenticationsToEnforcerAPIAuthentications(authentication *model.Au
  })
  }
  enforcerAuthentication.Apikey = apiKeys
- if authentication.Oauth2 != nil {
- enforcerAuthentication.Oauth2 = &api.Oauth2{
- Header: strings.ToLower(authentication.Oauth2.Header),
- SendTokenToUpstream: authentication.Oauth2.SendTokenToUpstream,
+ if authentication.TestConsoleKey != nil {
+ enforcerAuthentication.TestConsoleKey = &api.TestConsoleKey{
+ Header: strings.ToLower(authentication.TestConsoleKey.Header),
+ SendTokenToUpstream: authentication.TestConsoleKey.SendTokenToUpstream,
  }
  }
+ if authentication.TestConsoleKey != nil {
+ enforcerAuthentication.TestConsoleKey = &api.TestConsoleKey{
+ Header: strings.ToLower(authentication.TestConsoleKey.Header),
+ SendTokenToUpstream: authentication.TestConsoleKey.SendTokenToUpstream,
+ }
+ }
+
  return enforcerAuthentication
 }
 

diff --git a/adapter/internal/oasparser/model/api_operation.go b/adapter/internal/oasparser/model/api_operation.go
@@ -50,18 +50,17 @@ type Authentication struct {
  Disabled bool
  JWT *JWT
  APIKey []APIKey
- Oauth2 *Oauth2
+ TestConsoleKey *TestConsoleKey
 }
 
 // JWT holds JWT related configurations
 type JWT struct {
  Header string
  SendTokenToUpstream bool
- Audience []string
 }
 
-// Oauth2 holds Oauth2 related configurations
-type Oauth2 struct {
+// TestConsoleKey holds testkey related configurations
+type TestConsoleKey struct {
  Header string
  SendTokenToUpstream bool
 }

diff --git a/adapter/internal/oasparser/model/http_route.go b/adapter/internal/oasparser/model/http_route.go
@@ -19,6 +19,7 @@ package model
 
 import (
  "github.com/google/uuid"
+ "github.com/wso2/apk/adapter/internal/loggers"
  "github.com/wso2/apk/adapter/internal/oasparser/constants"
  "github.com/wso2/apk/adapter/internal/operator/utils"
  dpv1alpha1 "github.com/wso2/apk/common-go-libs/apis/dp/v1alpha1"
@@ -233,28 +234,19 @@ func getSecurity(authScheme *dpv1alpha2.Authentication) *Authentication {
  sendTokenToUpstream = authScheme.Spec.Override.AuthTypes.Oauth2.SendTokenToUpstream
  }
  auth := &Authentication{Disabled: false,
- Oauth2: &Oauth2{Header: authHeader, SendTokenToUpstream: sendTokenToUpstream},
+ TestConsoleKey: &TestConsoleKey{Header: constants.TestConsoleKeyHeader},
+ JWT: &JWT{Header: authHeader, SendTokenToUpstream: sendTokenToUpstream},
  }
  if authScheme != nil && authScheme.Spec.Override != nil {
  if authScheme.Spec.Override.Disabled != nil && *authScheme.Spec.Override.Disabled {
  return &Authentication{Disabled: true}
  }
  authFound := false
- if authScheme.Spec.Override.AuthTypes != nil && !authScheme.Spec.Override.AuthTypes.Oauth2.Disabled {
- authFound = true
- } else {
- auth = &Authentication{Disabled: false}
- }
- if authScheme.Spec.Override.AuthTypes != nil && authScheme.Spec.Override.AuthTypes.JWT.Disabled != nil && !*authScheme.Spec.Override.AuthTypes.JWT.Disabled {
- audience := make([]string, 0)
- if len(authScheme.Spec.Override.AuthTypes.JWT.Audience) > 0 {
- audience = authScheme.Spec.Override.AuthTypes.JWT.Audience
+ if authScheme.Spec.Override.AuthTypes != nil && authScheme.Spec.Override.AuthTypes.Oauth2.Disabled {
+ auth = &Authentication{Disabled: false,
+ TestConsoleKey: &TestConsoleKey{Header: constants.TestConsoleKeyHeader},
  }
- jwtHeader := constants.TestConsoleKeyHeader
- if len(authScheme.Spec.Override.AuthTypes.JWT.Header) > 0 {
- jwtHeader = authScheme.Spec.Override.AuthTypes.JWT.Header
- }
- auth.JWT = &JWT{Header: jwtHeader, SendTokenToUpstream: sendTokenToUpstream, Audience: audience}
+ } else {
  authFound = true
  }
  if authScheme.Spec.Override.AuthTypes != nil && authScheme.Spec.Override.AuthTypes.APIKey != nil {
@@ -270,6 +262,7 @@ func getSecurity(authScheme *dpv1alpha2.Authentication) *Authentication {
  auth.APIKey = apiKeys
  }
  if !authFound {
+ loggers.LoggerOasparser.Debug("Disabled security.")
  return &Authentication{Disabled: true}
  }
  }